{"id":461,"name":"serve-static","ecosystem":"npm","repository_url":"https://github.com/expressjs/serve-static","issues_count":2948,"created_at":"2025-06-06T15:01:34.687Z","updated_at":"2025-06-06T15:01:34.687Z","purl":"pkg:npm/serve-static","metadata":{"id":2348398,"name":"serve-static","ecosystem":"npm","description":"Serve static files","homepage":"https://github.com/expressjs/serve-static#readme","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/expressjs/serve-static","keywords_array":[],"namespace":null,"versions_count":67,"first_release_published_at":"2014-03-06T03:09:32.347Z","latest_release_published_at":"2025-03-28T00:38:59.780Z","latest_release_number":"2.2.0","last_synced_at":"2025-03-28T00:40:13.177Z","created_at":"2022-04-10T00:31:51.166Z","updated_at":"2025-05-17T02:00:27.204Z","registry_url":"https://www.npmjs.com/package/serve-static","install_command":"npm install serve-static","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"next":"2.1.0","latest":"2.2.0"}},"repo_metadata":{"id":14743301,"uuid":"17464338","full_name":"expressjs/serve-static","owner":"expressjs","description":"Serve static files","archived":false,"fork":false,"pushed_at":"2025-03-03T19:40:02.000Z","size":404,"stargazers_count":1406,"open_issues_count":17,"forks_count":234,"subscribers_count":30,"default_branch":"master","last_synced_at":"2025-03-20T22:06:24.019Z","etag":null,"topics":["expressjs","javascript","middleware","nodejs","send","serve-files"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/expressjs.png","metadata":{"files":{"readme":"README.md","changelog":"HISTORY.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"open_collective":"express"}},"created_at":"2014-03-06T03:07:17.000Z","updated_at":"2025-03-20T15:18:06.000Z","dependencies_parsed_at":"2024-12-23T20:07:16.518Z","dependency_job_id":"77acfbad-40bd-4c13-9db8-12dc92e15552","html_url":"https://github.com/expressjs/serve-static","commit_stats":{"total_commits":370,"total_committers":17,"mean_commits":"21.764705882352942","dds":0.08378378378378382,"last_synced_commit":"e2bf828a6899e18969e522ddce304fec497b058f"},"previous_names":[],"tags_count":66,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/expressjs","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245949553,"owners_count":20698916,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"expressjs","name":"expressjs","uuid":"5658226","kind":"organization","description":"Express.js: the fast, unopinionated, minimalist web framework for node","email":null,"website":"https://expressjs.com/","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/5658226?v=4","repositories_count":44,"last_synced_at":"2024-04-14T06:44:27.360Z","metadata":{"has_sponsors_listing":false,"funding":{"open_collective":"express"}},"html_url":"https://github.com/expressjs","funding_links":["https://opencollective.com/express"],"total_stars":122430,"followers":1481,"following":0,"created_at":"2022-11-02T16:18:58.194Z","updated_at":"2024-04-14T06:44:39.104Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/expressjs","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/expressjs/repositories"},"tags":[{"name":"v1.16.2","sha":"ec9c5ecfb09368519e4698ffbbe1882de00d0ef2","kind":"tag","published_at":"2024-09-11T18:24:09.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.16.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.16.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.16.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.16.2/manifests"},{"name":"v1.16.1","sha":"77a8255688cc4affc70e6dc9aa02e3ced4957e77","kind":"tag","published_at":"2024-09-11T17:13:59.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.16.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.16.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.16.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.16.1/manifests"},{"name":"2.1.0","sha":"87c5f092ed7cd23202f699b08c7f407c2b536df0","kind":"commit","published_at":"2024-09-10T01:15:38.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/2.1.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/2.1.0/manifests"},{"name":"1.16.0","sha":"48c73970b129b96cba448e792576ad89b1f9fbed","kind":"commit","published_at":"2024-09-10T01:12:39.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/1.16.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/1.16.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/1.16.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/1.16.0/manifests"},{"name":"v2.0.0","sha":"707f803715ccbd2030aa87a6f756fb040a946262","kind":"tag","published_at":"2024-08-23T20:58:56.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v2.0.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v2.0.0/manifests"},{"name":"v2.0.0-beta.2","sha":"2b97892a24668b6f0a8741f5b0956284cd1f1a36","kind":"tag","published_at":"2024-03-21T01:52:46.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v2.0.0-beta.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v2.0.0-beta.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v2.0.0-beta.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v2.0.0-beta.2/manifests"},{"name":"v1.15.0","sha":"9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4","kind":"tag","published_at":"2022-03-25T02:16:46.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.15.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.15.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.15.0/manifests"},{"name":"v2.0.0-beta.1","sha":"1362955ca123076a96a4f3693086062e845fb225","kind":"tag","published_at":"2022-02-05T18:46:19.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v2.0.0-beta.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v2.0.0-beta.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v2.0.0-beta.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v2.0.0-beta.1/manifests"},{"name":"v1.14.2","sha":"8dbf16269362b5bc20134dac9f0ca44c0abfc038","kind":"tag","published_at":"2021-12-16T04:53:05.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.14.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.14.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.14.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.14.2/manifests"},{"name":"v1.14.1","sha":"94feedb81682f4503ed9f8dc6d51a5c1b9bfa091","kind":"tag","published_at":"2019-05-11T03:24:17.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.14.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.14.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.14.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.14.1/manifests"},{"name":"v1.14.0","sha":"a8918403e423da80993ecafdec5709d75e06e6c2","kind":"tag","published_at":"2019-05-08T02:48:31.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.14.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.14.0/manifests"},{"name":"v1.13.2","sha":"f287bd6c26ad2bfd0422c533b0358f2f4b16f7db","kind":"commit","published_at":"2018-02-07T17:31:02.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.13.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.13.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.13.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.13.2/manifests"},{"name":"v1.13.1","sha":"f6f76136aa967f917886730c57efd4c9d3bc12f7","kind":"commit","published_at":"2017-09-29T19:50:17.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.13.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.13.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.13.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.13.1/manifests"},{"name":"v1.13.0","sha":"1c58cfdd2ab8bee9ed5d37bb5b54047f839349ed","kind":"commit","published_at":"2017-09-28T00:52:51.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.13.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.13.0/manifests"},{"name":"v1.12.6","sha":"843d1eabfdef46396c4f6d59d19a955f14574aaa","kind":"commit","published_at":"2017-09-23T00:17:12.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.12.6","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.12.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.6/manifests"},{"name":"v1.12.5","sha":"afd17c3a6ffe81085e606b89d103959a6dc1ef19","kind":"commit","published_at":"2017-09-21T23:15:12.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.12.5","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.12.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.5/manifests"},{"name":"v1.12.4","sha":"c16b4d1c2c7bc1aaf76194187f087549b63bf2f9","kind":"commit","published_at":"2017-08-06T05:46:21.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.12.4","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.12.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.4/manifests"},{"name":"v1.12.3","sha":"281475f89cf5b3f4801ed4e5767fce7b0976e411","kind":"commit","published_at":"2017-05-17T05:13:25.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.12.3","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.12.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.3/manifests"},{"name":"v1.12.2","sha":"cb296b7ddfa869590d5ce0acb3f4a96b66f1d2b7","kind":"commit","published_at":"2017-04-27T02:49:21.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.12.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.12.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.2/manifests"},{"name":"v1.12.1","sha":"3e6e778fcf6c88dcf659b8f1d5f06be2eebbe2db","kind":"commit","published_at":"2017-03-05T03:46:18.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.12.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.12.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.1/manifests"},{"name":"v1.12.0","sha":"f75f96908b3b4add99352a59af13560859a1b10a","kind":"commit","published_at":"2017-02-26T00:03:20.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.12.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.12.0/manifests"},{"name":"v1.11.2","sha":"01f2a83d7456ef03a89e8c951c757dd79ae92522","kind":"commit","published_at":"2017-01-23T16:35:41.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.11.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.11.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.11.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.11.2/manifests"},{"name":"v1.11.1","sha":"b3a24df138ea2f2c43afcbee0dcce5badf4c78ae","kind":"commit","published_at":"2016-06-11T01:08:24.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.11.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.11.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.11.1/manifests"},{"name":"v1.11.0","sha":"28022afd11828493521162287b550a508f60769f","kind":"commit","published_at":"2016-06-08T05:25:48.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.11.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.11.0/manifests"},{"name":"v1.10.3","sha":"8be028d005967471832109d777daa4b45bd1948b","kind":"commit","published_at":"2016-05-31T03:18:53.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.10.3","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.10.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.10.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.10.3/manifests"},{"name":"v1.10.2","sha":"aec36c897a33c6c2421fa41cc4947042d67332f6","kind":"commit","published_at":"2016-01-20T04:59:50.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.10.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.10.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.10.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.10.2/manifests"},{"name":"v1.10.1","sha":"8a5da6bf09f515323fd4a669b8f8074762bdf678","kind":"commit","published_at":"2016-01-17T04:21:06.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.10.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.10.1/manifests"},{"name":"v1.10.0","sha":"856c5e0f796a8988525c356018594bfb8c51a4fa","kind":"commit","published_at":"2015-06-18T04:32:28.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.10.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.10.0/manifests"},{"name":"v1.9.3","sha":"c76d20a9f51a15a467eab2b0610e5de60506dfbc","kind":"commit","published_at":"2015-05-15T05:11:52.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.9.3","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.9.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.9.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.9.3/manifests"},{"name":"v1.9.2","sha":"6446e1c45de75f143b36ce60dd75c4daf52d2376","kind":"commit","published_at":"2015-03-15T02:22:26.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.9.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.9.2/manifests"},{"name":"v1.9.1","sha":"8cce88d079c19cb8ace548f60bd216622de993e1","kind":"commit","published_at":"2015-02-17T18:56:58.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.9.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.9.1/manifests"},{"name":"v1.9.0","sha":"0909dce1eec7dd5cf0cc29ebc9deb3ea1fb56636","kind":"commit","published_at":"2015-02-17T00:22:29.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.9.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.9.0/manifests"},{"name":"v1.6.5","sha":"07632f27cd7690f516f4f4994279cde4ad6c01d5","kind":"commit","published_at":"2015-02-04T22:11:11.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.6.5","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.6.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.5/manifests"},{"name":"v1.8.1","sha":"5a47eff4e550f30a7a1e5fb87c8656a1b8dbb249","kind":"commit","published_at":"2015-01-21T04:58:59.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.8.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.8.1/manifests"},{"name":"v1.8.0","sha":"dadd5479f4316a1201817c6b39be67e2417f3a51","kind":"commit","published_at":"2015-01-06T01:25:37.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.8.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.8.0/manifests"},{"name":"v1.7.2","sha":"40f88bd0269cd4f4ffcb52bded570ad57e4b56ba","kind":"commit","published_at":"2015-01-03T04:31:13.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.7.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.7.2/manifests"},{"name":"v1.7.1","sha":"61f59894e6a3d41532383ca440a395772bcdc8ed","kind":"commit","published_at":"2014-10-23T04:16:18.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.7.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.7.1/manifests"},{"name":"v1.7.0","sha":"25a23406b3447d7bc5af283f158da7c4ad05ba03","kind":"commit","published_at":"2014-10-16T04:12:34.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.7.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.7.0/manifests"},{"name":"v1.6.4","sha":"f1308134d21aeaf5849a3d41c3a04b1779819f3c","kind":"commit","published_at":"2014-10-08T16:12:31.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.6.4","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.6.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.4/manifests"},{"name":"v1.6.3","sha":"14deeaf397728ee25119bf340eeb37e14ab620b3","kind":"commit","published_at":"2014-09-24T20:00:39.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.6.3","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.3/manifests"},{"name":"v1.6.2","sha":"7053ce75b7091a891d3bcb88a2b19b1b0692396c","kind":"commit","published_at":"2014-09-16T05:52:00.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.6.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.2/manifests"},{"name":"v1.6.1","sha":"8c96c3815cd0c96cbe8af68f303c2d36189d3b88","kind":"commit","published_at":"2014-09-08T03:00:15.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.6.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.1/manifests"},{"name":"v1.6.0","sha":"229f5486e87518ee88b4fd0c5563e02126032121","kind":"commit","published_at":"2014-09-08T01:56:07.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.6.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.6.0/manifests"},{"name":"v1.5.4","sha":"8f3185f75261cc7b2e87c04cf1377e154bdae1a7","kind":"commit","published_at":"2014-09-05T05:05:50.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.5.4","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.4/manifests"},{"name":"v1.5.3","sha":"7c237ec83ee199d181b5abfeab2ee986c1394dde","kind":"commit","published_at":"2014-08-17T17:58:02.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.5.3","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.3/manifests"},{"name":"v1.5.2","sha":"72f7362176cf62172617cd795d6c94b295f0c610","kind":"commit","published_at":"2014-08-15T01:43:33.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.5.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.2/manifests"},{"name":"v1.5.1","sha":"e9df84943e8104ca3cdbf75096964bbfedd3b180","kind":"commit","published_at":"2014-08-10T03:48:44.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.5.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.1/manifests"},{"name":"v1.5.0","sha":"b292a569848a3a7f60f6c87eabc87780c0954311","kind":"commit","published_at":"2014-08-06T05:23:46.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.5.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.5.0/manifests"},{"name":"v1.4.4","sha":"90b8f98c641a4c26854754e405365b1d5a388e31","kind":"commit","published_at":"2014-08-04T21:12:27.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.4.4","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.4/manifests"},{"name":"v1.4.3","sha":"e83282d5ed2859a30dc3a15716f5fec209aeb739","kind":"commit","published_at":"2014-07-30T01:54:35.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.4.3","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.3/manifests"},{"name":"v1.4.2","sha":"052feb4960a50970b392125c9096a36de87d31c3","kind":"commit","published_at":"2014-07-27T19:15:57.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.4.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.2/manifests"},{"name":"v1.4.1","sha":"f35ccfde837fe20d689128c91851ebf4bfb51ae2","kind":"commit","published_at":"2014-07-26T20:51:54.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.4.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.1/manifests"},{"name":"v1.4.0","sha":"9823143c2f6418daf0870f519d3185c3d00309d1","kind":"commit","published_at":"2014-07-22T02:31:53.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.4.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.4.0/manifests"},{"name":"v1.3.2","sha":"f35dc5548ee391bfb22d90cc4871fcd80b227f0a","kind":"commit","published_at":"2014-07-12T02:09:19.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.3.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.3.2/manifests"},{"name":"v1.3.1","sha":"d3ee6b2ac374fda77a64f8233dce9eaa524f3826","kind":"commit","published_at":"2014-07-09T15:10:18.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.3.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.3.1/manifests"},{"name":"v1.3.0","sha":"7a2f3c6ca8c91ee8cb7dc74a27d01b788c2ed5a7","kind":"commit","published_at":"2014-06-29T00:31:47.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.3.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.3.0/manifests"},{"name":"v1.2.3","sha":"9b62eb425f96e421e324cbe23552c214153d6034","kind":"commit","published_at":"2014-06-12T01:43:00.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.2.3","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.2.3/manifests"},{"name":"v1.2.2","sha":"7a21a5f0c47330db6c13edf7522358320b58ce3c","kind":"tag","published_at":"2014-06-09T20:41:41.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.2.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.2.2/manifests"},{"name":"v1.2.1","sha":"0e48e7d7be26cde7495241108e73e8e16e657109","kind":"tag","published_at":"2014-06-03T00:42:07.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.2.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.2.1/manifests"},{"name":"v1.2.0","sha":"ef5cd8ac49316a14f3e3ea3b5f84753b6b8cdc22","kind":"tag","published_at":"2014-05-29T17:11:25.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.2.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.2.0/manifests"},{"name":"v1.1.0","sha":"8c59da0289999a010bcdbf4ad009f0519887e9f3","kind":"tag","published_at":"2014-04-24T18:06:18.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.1.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.1.0/manifests"},{"name":"v1.0.4","sha":"62540a3e88809781dbb0393affe6b82178f146af","kind":"tag","published_at":"2014-04-07T16:45:18.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.0.4","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.4/manifests"},{"name":"v1.0.3","sha":"e7c792749fd2e3f482a5963f43c4a05d42e4863e","kind":"commit","published_at":"2014-03-20T18:09:09.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.0.3","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.3/manifests"},{"name":"v1.0.2","sha":"bf5d02f4ece84e7cb7b27a50f43b6ed938c41697","kind":"commit","published_at":"2014-03-06T15:03:20.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.0.2","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.2/manifests"},{"name":"v1.0.1","sha":"b1b61a66547bf009a04196589c4a726ce5db2ed6","kind":"commit","published_at":"2014-03-06T03:26:28.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.0.1","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.1/manifests"},{"name":"v1.0.0","sha":"0b849659bf45bafc02a16318fb3b8f50f609ecff","kind":"commit","published_at":"2014-03-06T03:06:10.000Z","download_url":"https://codeload.github.com/expressjs/serve-static/tar.gz/v1.0.0","html_url":"https://github.com/expressjs/serve-static/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/expressjs%2Fserve-static/tags/v1.0.0/manifests"}]},"repo_metadata_updated_at":"2025-03-28T00:40:26.334Z","dependent_packages_count":5768,"downloads":166108478,"downloads_period":"last-month","dependent_repos_count":4975561,"rankings":{"downloads":0.010185295718561662,"dependent_repos_count":0.0003011780992047803,"dependent_packages_count":0.01579816029465075,"stargazers_count":2.1575030035670437,"forks_count":2.211633527483741,"docker_downloads_count":0.015360083059443795,"average":0.7351302080371077},"purl":"pkg:npm/serve-static","advisories":[{"uuid":"GSA_kwCzR0hTQS1jbTIyLTRnN3ctMzQ4cM4AA_cY","url":"https://github.com/advisories/GHSA-cm22-4g7w-348p","title":"serve-static vulnerable to template injection that can lead to XSS","description":"### Impact\n\npassing untrusted user input - even after sanitizing it - to `redirect()` may execute untrusted code\n\n### Patches\n\nthis issue is patched in serve-static 1.16.0\n\n### Workarounds\n\nusers are encouraged to upgrade to the patched version of express, but otherwise can workaround this issue by making sure any untrusted inputs are safe, ideally by validating them against an explicit allowlist\n\n### Details\n\nsuccessful exploitation of this vector requires the following:\n\n1. The attacker MUST control the input to response.redirect()\n1. express MUST NOT redirect before the template appears\n1. the browser MUST NOT complete redirection before:\n1. the user MUST click on the link in the template\n","origin":"UNSPECIFIED","severity":"LOW","published_at":"2024-09-10T19:42:33.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.3,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L","references":["https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p","https://nvd.nist.gov/vuln/detail/CVE-2024-43800","https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b","https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa","https://github.com/advisories/GHSA-cm22-4g7w-348p"],"source_kind":"github","identifiers":["GHSA-cm22-4g7w-348p","CVE-2024-43800"],"repository_url":"https://github.com/expressjs/serve-static","blast_radius":15.402736726557887,"packages":[{"versions":[{"first_patched_version":"2.1.0","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.1.0"},{"first_patched_version":"1.16.0","vulnerable_version_range":"\u003c 1.16.0"}],"ecosystem":"npm","package_name":"serve-static"}],"created_at":"2024-09-10T20:06:11.261Z","updated_at":"2025-05-17T01:10:13.255Z","epss_percentage":0.00028,"epss_percentile":0.06437},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzeDctZ2pteC1yMmZm","url":"https://github.com/advisories/GHSA-c3x7-gjmx-r2ff","title":"Open Redirect in serve-static","description":"Versions of `serve-static` prior to 1.6.5 ( or 1.7.x prior to 1.7.2 ) are affected by an open redirect vulnerability on some browsers when configured to mount at the root directory.\n\n\n## Proof of Concept\n\nA link to `http://example.com//www.google.com/%2e%2e` will redirect to `//www.google.com/%2e%2e`\n\nSome browsers will interpret this as `http://www.google.com/%2e%2e`, resulting in an external redirect.\n\n\n## Recommendation\n\nVersion 1.7.x: Update to version 1.7.2 or later.\nVersion 1.6.x: Update to version 1.6.5 or later.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2020-08-31T22:57:02.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/expressjs/serve-static/issues/26","https://www.npmjs.com/advisories/35","https://nvd.nist.gov/vuln/detail/CVE-2015-1164","https://bugzilla.redhat.com/show_bug.cgi?id=1181917","https://exchange.xforce.ibmcloud.com/vulnerabilities/99936","https://snyk.io/vuln/npm:serve-static:20150113","http://www.securityfocus.com/bid/72064","https://github.com/advisories/GHSA-c3x7-gjmx-r2ff"],"source_kind":"github","identifiers":["GHSA-c3x7-gjmx-r2ff","CVE-2015-1164"],"repository_url":"https://github.com/expressjs/serve-static","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"1.7.2","vulnerable_version_range":"\u003e= 1.7.0, \u003c 1.7.2"},{"first_patched_version":"1.7.2","vulnerable_version_range":"\u003c 1.6.5"}],"ecosystem":"npm","package_name":"serve-static"}],"created_at":"2022-12-21T16:13:22.577Z","updated_at":"2023-01-09T05:03:33.000Z","epss_percentage":0.003,"epss_percentile":0.52799}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/serve-static","docker_dependents_count":47412,"docker_downloads_count":6652961403,"usage_url":"https://repos.ecosyste.ms/usage/npm/serve-static","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/serve-static/dependencies","status":null,"funding_links":["https://opencollective.com/express"],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/serve-static/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/serve-static/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/serve-static/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/serve-static/related_packages","maintainers":[{"uuid":"dougwilson","login":"dougwilson","name":null,"email":"doug@somethingdoug.com","url":null,"packages_count":103,"html_url":"https://www.npmjs.com/~dougwilson","role":null,"created_at":"2022-11-10T12:01:06.302Z","updated_at":"2022-11-10T12:01:06.302Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/dougwilson/packages"},{"uuid":"wesleytodd","login":"wesleytodd","name":null,"email":"wes@wesleytodd.com","url":null,"packages_count":172,"html_url":"https://www.npmjs.com/~wesleytodd","role":null,"created_at":"2024-03-21T01:55:13.691Z","updated_at":"2024-03-21T01:55:13.691Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/wesleytodd/packages"},{"uuid":"ulisesgascon","login":"ulisesgascon","name":null,"email":"ulisesgascondev@gmail.com","url":null,"packages_count":207,"html_url":"https://www.npmjs.com/~ulisesgascon","role":null,"created_at":"2024-05-30T19:05:15.368Z","updated_at":"2024-05-30T19:05:15.368Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/ulisesgascon/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5003247,"maintainers_count":1012200,"namespaces_count":295147,"keywords_count":699473,"github":"npm","metadata":{"funded_packages_count":150164},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-04T06:01:37.253Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":2476,"unique_repositories_count_past_30_days":8,"recent_issues":[{"uuid":"4554001511","node_id":"PR_kwDOQ3fS3M7g7JxM","number":2,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 6 directories with 11 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T09:35:50.000Z","updated_at":"2026-05-30T09:40:11.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":11,"packages":[{"name":"ansi-regex","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"ansi-regex","old_version":"5.0.0","new_version":"5.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"send","old_version":"0.17.1","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `5.0.0` | `5.0.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [send](https://github.com/pillarjs/send) | `0.17.1` | `0.19.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.14.1` | `1.16.3` |\n\nBumps the npm_and_yarn group with 5 updates in the /11-integrating-with-function-calling/typescript/function-app directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.1.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.15` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [axios](https://github.com/axios/axios) | `1.12.0` | `1.16.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `2.0.0` | `2.0.1` |\n\nBumps the npm_and_yarn group with 4 updates in the /09-building-image-applications/typescript/image-generation-app directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [minimatch](https://github.com/isaacs/minimatch), [picomatch](https://github.com/micromatch/picomatch) and [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /08-building-search-applications/typescript/search-app directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [minimatch](https://github.com/isaacs/minimatch), [picomatch](https://github.com/micromatch/picomatch) and [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /07-building-chat-applications/typescript/chat-completions-app directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [minimatch](https://github.com/isaacs/minimatch), [picomatch](https://github.com/micromatch/picomatch) and [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /06-text-generation-apps/typescript/recipe-app directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [minimatch](https://github.com/isaacs/minimatch), [picomatch](https://github.com/micromatch/picomatch) and [qs](https://github.com/ljharb/qs).\n\nUpdates `ansi-regex` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/64735d25eb839b55bc9fae3877edb702b4c92ca2\"\u003e\u003ccode\u003e64735d2\u003c/code\u003e\u003c/a\u003e v4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a\"\u003e\u003ccode\u003e75a657d\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 5.0.0 to 5.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/64735d25eb839b55bc9fae3877edb702b4c92ca2\"\u003e\u003ccode\u003e64735d2\u003c/code\u003e\u003c/a\u003e v4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a\"\u003e\u003ccode\u003e75a657d\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.0 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.3.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes bug when a pattern containing an expression after the closing parenthesis (\u003ccode\u003e/!(*.d).{ts,tsx}\u003c/code\u003e) was incorrectly converted to regexp (\u003ca href=\"https://github.com/micromatch/picomatch/commit/9f241ef\"\u003e9f241ef\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSome documentation improvements (\u003ca href=\"https://github.com/micromatch/picomatch/commit/f81d236\"\u003ef81d236\u003c/a\u003e, \u003ca href=\"https://github.com/micromatch/picomatch/commit/421e0e7\"\u003e421e0e7\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5467a5a9638472610de4f30709991b9a56bb5613\"\u003e\u003ccode\u003e5467a5a\u003c/code\u003e\u003c/a\u003e 2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9f241efedc15a21bcec1edafd43ee773ceb4bc35\"\u003e\u003ccode\u003e9f241ef\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/102\"\u003e#102\u003c/a\u003e from micromatch/ISSUE-93_incorrect_extglob_expanding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/ac3cb660ca76764627aa825676df59378dd60bcd\"\u003e\u003ccode\u003eac3cb66\u003c/code\u003e\u003c/a\u003e fix: support stars in negation extglobs with expression after closing parenth...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/719d348d8a01cf23c6c10568191c1ad5a3fc33e3\"\u003e\u003ccode\u003e719d348\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/85\"\u003e#85\u003c/a\u003e from XhmikosR/codeql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/ac74e57b38a0d16de8e1752a62003e49c1622cec\"\u003e\u003ccode\u003eac74e57\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/91\"\u003e#91\u003c/a\u003e from XhmikosR/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.0...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.17.1 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.18.0 / 2022-03-23\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.17.2 / 2021-12-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003cli\u003edeps: http-errors@1.8.1\n\u003cul\u003e\n\u003cli\u003edeps: inherits@2.0.4\u003c/li\u003e\n\u003cli\u003edeps: toidentifier@1.0.1\u003c/li\u003e\n\u003cli\u003edeps: setprototypeof@1.2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/b69cbb3dc4c09c37917d08a4c13fcd1bac97ade5\"\u003e\u003ccode\u003eb69cbb3\u003c/code\u003e\u003c/a\u003e 0.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f53edbb7f4f7ebdd936d3d714d84d52f2d3d00f3\"\u003e\u003ccode\u003ef53edbb\u003c/code\u003e\u003c/a\u003e Limit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/706d6ddf0d3c8a9248fc1edbc3ff60bbc6ad7b93\"\u003e\u003ccode\u003e706d6dd\u003c/code\u003e\u003c/a\u003e docs: add security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/b690ba4bd149d20fa6687ee6298fb6aede5b21d7\"\u003e\u003ccode\u003eb690ba4\u003c/code\u003e\u003c/a\u003e docs: fix linux build badge link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/send/compare/0.17.1...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.2 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.3.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes bug when a pattern containing an expression after the closing parenthesis (\u003ccode\u003e/!(*.d).{ts,tsx}\u003c/code\u003e) was incorrectly converted to regexp (\u003ca href=\"https://github.com/micromatch/picomatch/commit/9f241ef\"\u003e9f241ef\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSome documentation improvements (\u003ca href=\"https://github.com/micromatch/picomatch/commit/f81d236\"\u003ef81d236\u003c/a\u003e, \u003ca href=\"https://github.com/micromatch/picomatch/commit/421e0e7\"\u003e421e0e7\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5467a5a9638472610de4f30709991b9a56bb5613\"\u003e\u003ccode\u003e5467a5a\u003c/code\u003e\u003c/a\u003e 2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9f241efedc15a21bcec1edafd43ee773ceb4bc35\"\u003e\u003ccode\u003e9f241ef\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/102\"\u003e#102\u003c/a\u003e from micromatch/ISSUE-93_incorrect_extglob_expanding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/ac3cb660ca76764627aa825676df59378dd60bcd\"\u003e\u003ccode\u003eac3cb66\u003c/code\u003e\u003c/a\u003e fix: support stars in negation extglobs with expression after closing parenth...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/719d348d8a01cf23c6c10568191c1ad5a3fc33e3\"\u003e\u003ccode\u003e719d348\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/85\"\u003e#85\u003c/a\u003e from XhmikosR/codeql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/ac74e57b38a0d16de8e1752a62003e49c1622cec\"\u003e\u003ccode\u003eac74e57\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/91\"\u003e#91\u003c/a\u003e from XhmikosR/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.0...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.12.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate dependency versions across the root and 6 example apps to pick up security fixes and minor improvements. Notable changes include `axios` upgrades in the function-calling app and refreshed libraries for globbing and static file serving.\n\n- **Dependencies**\n  - `axios` → `^1.16.0` in `11-integrating-with-function-calling/typescript/function-app` (stricter size limits; adapter fixes). Also bumps `follow-redirects` and `proxy-from-env`.\n  - Globbing stack: `brace-expansion` → `1.1.15`/`2.1.1`, `minimatch` → `3.1.5`/`9.0.9`, `picomatch` → `2.3.2` (addresses ReDoS/CVEs).\n  - `lodash` → `4.18.1` (security and bug fixes).\n  - Static serving: `send` → `0.19.2`, `serve-static` → `1.16.3` (dependency updates incl. `encodeurl@~2.0.0`).\n  - `ansi-regex` → `4.1.1`/`5.0.1` (ReDoS fix).\n  - Minor patches: `@tootallnate/once` → `2.0.1`, `qs` → `6.15.2`.\n\n- **Migration**\n  - If you use the `axios` fetch adapter, `maxBodyLength` and `maxContentLength` are now enforced; adjust limits if needed. Run `npm ci` and smoke test HTTP calls and static file hosting flows.\n\n\u003csup\u003eWritten for commit 2ef687eca2eb0bca18e7def66432cce678f1c1fe. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/generative-ai-for-beginners/pull/2?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump npm dependencies across 6 TypeScript app directories\n\u003e Updates `package-lock.json` files across 6 TypeScript sample apps and bumps `axios` from `^1.12.0` to `^1.16.0` in [function-app/package.json](https://github.com/EmilynnJ/generative-ai-for-beginners/pull/2/files#diff-73386eaaba005f457c749d235af22257ca4ab75e08e7816ed776550549a11add).\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized 2ef687e.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e","html_url":"https://github.com/EmilynnJ/generative-ai-for-beginners/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Fgenerative-ai-for-beginners/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4510028374","node_id":"PR_kwDOO5rMgM7etOKA","number":1,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T00:33:42.000Z","updated_at":"2026-05-24T00:34:14.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"ai","old_version":"4.1.36","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"uuid","old_version":"10.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.24.7","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"fast-xml-parser","old_version":"4.4.0","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"handlebars","old_version":"4.7.8","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"node-forge","old_version":"1.3.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"vm2","old_version":"3.9.19","new_version":"3.11.5","repository_url":"https://github.com/patriksimek/vm2"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `4.1.36` | `5.0.52` |\n| [uuid](https://github.com/uuidjs/uuid) | `10.0.0` | `14.0.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.24.7` | `7.29.4` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.0` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.9.19` | `3.11.5` |\n\nBumps the npm_and_yarn group with 2 updates in the /example directory: [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) and [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `ai` from 4.1.36 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/ai@5.0.52/packages/ai/CHANGELOG.md\"\u003eai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.52\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec56822d: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the \u003ccode\u003eUIMessageChunk\u003c/code\u003e type\u003c/li\u003e\n\u003cli\u003e930399b: fix(ai): download files when intermediate file cannot be downloaded\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [7ca78f1]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.29\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.51\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e27645bb: Export \u003ccode\u003eparseJsonEventStream\u003c/code\u003e and \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e from \u0026quot;ai\u0026quot; package\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [322901b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.28\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.50\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c5f403a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.27\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.49\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [e304478]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.26\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.48\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [4d3ff64]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.25\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.47\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c86e0f7]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [6bbae01]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.24\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.46\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/27645bb653b24dd7e285df7848154f86af309451\"\u003e\u003ccode\u003e27645bb\u003c/code\u003e\u003c/a\u003e Backport: Export \u003ccode\u003eparseJsonEventStream\u003c/code\u003e and \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e from \u0026quot;ai\u0026quot; ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/8b7f0d2eac987a0066befd46a0119d533b1e65e2\"\u003e\u003ccode\u003e8b7f0d2\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8843\"\u003e#8843\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/9eef1982d2d40e190300b3b02d7edafbf5a8b0af\"\u003e\u003ccode\u003e9eef198\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8831\"\u003e#8831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/20bca657c4ebd3cbef370e4a093818cbf0f84eca\"\u003e\u003ccode\u003e20bca65\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8799\"\u003e#8799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4254096b7ffb1d96e3f6a1926ccfffaa1799280f\"\u003e\u003ccode\u003e4254096\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8753\"\u003e#8753\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/ai@5.0.52/packages/ai\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 10.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.24.7 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.4.0 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/b1b9f633ff30cb4708337355c2789f08bc0558d2\"\u003e\u003ccode\u003eb1b9f63\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/faccca126e1db96b90084adda6fbe2ea2ed434e7\"\u003e\u003ccode\u003efaccca1\u003c/code\u003e\u003c/a\u003e sync with v5.3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/ab00cdc49c681b44effbe95d6ee4392616a74aaa\"\u003e\u003ccode\u003eab00cdc\u003c/code\u003e\u003c/a\u003e update package bundle for minor fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/57c61876b47be10616ba47da904c8add26efcb58\"\u003e\u003ccode\u003e57c6187\u003c/code\u003e\u003c/a\u003e Update ReadMe\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/caeda37ebd919c799bf06ccf2f80d1e90e99d474\"\u003e\u003ccode\u003ecaeda37\u003c/code\u003e\u003c/a\u003e fix: emit full JSON string from CLI when no output filename specified (\u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v4.4.0...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.8 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `node-forge` from 1.3.1 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md\"\u003enode-forge's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0 - 2026-03-24\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Denial of Service in \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eA Denial of Service (DoS) vulnerability exists due to an infinite loop in\nthe \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e function (inherited from the bundled jsbn\nlibrary). When \u003ccode\u003emodInverse()\u003c/code\u003e is called with a zero value as input, the\ninternal Extended Euclidean Algorithm enters an unreachable exit condition,\ncausing the process to hang indefinitely and consume 100% CPU.\u003c/li\u003e\n\u003cli\u003eReported by Kr0emer.\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33891\"\u003eCVE-2026-33891\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx\"\u003eGHSA-5gfm-wpxj-wjgq\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in RSA-PKCS due to ASN.1 extra field.\n\u003cul\u003e\n\u003cli\u003eRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low\npublic exponent keys (e=3). Attackers can forge signatures by stuffing\n\u0026quot;garbage\u0026quot; bytes within the ASN.1 structure in order to construct a\nsignature that passes verification, enabling Bleichenbacher style forgery.\nThis issue is similar to CVE-2022-24771, but adds bytes in an addition\nfield within the ASN.1 structure, rather than outside of it.\u003c/li\u003e\n\u003cli\u003eAdditionally, forge does not validate that signatures include a minimum of\n8 bytes of padding as defined by the specification, providing attackers\nadditional space to construct Bleichenbacher forgeries.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33894\"\u003eCVE-2026-33894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\"\u003eGHSA-ppp5-5v6c-4jwp\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in Ed25519 due to missing S \u0026lt; L check.\n\u003cul\u003e\n\u003cli\u003eEd25519 signature verification accepts forged non-canonical signatures\nwhere the scalar S is not reduced modulo the group order (S \u0026gt;= L). A valid\nsignature and its S + L variant both verify in forge, while Node.js\ncrypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the\nspecification. This class of signature malleability has been exploited in\npractice to bypass authentication and authorization logic (see\nCVE-2026-25793, CVE-2022-35961). Applications relying on signature\nuniqueness (i.e., dedup by signature bytes, replay tracking, signed-object\ncanonicalization checks) may be bypassed.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33895\"\u003eCVE-2026-33895\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw\"\u003eGHSA-q67f-28xg-22rw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: \u003ccode\u003ebasicConstraints\u003c/code\u003e bypass in certificate chain verification.\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epki.verifyCertificateChain()\u003c/code\u003e does not enforce RFC 5280 \u003ccode\u003ebasicConstraints\u003c/code\u003e\nrequirements when an intermediate certificate lacks both the\n\u003ccode\u003ebasicConstraints\u003c/code\u003e and \u003ccode\u003ekeyUsage\u003c/code\u003e extensions. This allows any leaf\ncertificate (without these extensions) to act as a CA and sign other\ncertificates, which node-forge will accept as valid.\u003c/li\u003e\n\u003cli\u003eReported by Doruk Tan Ozturk (\u003ca href=\"https://github.com/peaktwilight\"\u003e\u003ccode\u003e@​peaktwilight\u003c/code\u003e\u003c/a\u003e) - doruk.ch\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33896\"\u003eCVE-2026-33896\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25\"\u003eGHSA-2328-f5f3-gj25\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/fa385f92440879601240020f158bed68e444e83a\"\u003e\u003ccode\u003efa385f9\u003c/code\u003e\u003c/a\u003e Release 1.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/07d4e162762ed4fdab5caca9ebf78237fcf85339\"\u003e\u003ccode\u003e07d4e16\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/cb90fd92091ee34e4abab3ad0c835eeea3d06c3e\"\u003e\u003ccode\u003ecb90fd9\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/963e7c5c7b0f03de1b28a1e5a42a6bafda4cf711\"\u003e\u003ccode\u003e963e7c5\u003c/code\u003e\u003c/a\u003e Add unit test for \u0026quot;pseudonym\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/f0b6f5b7c5d1c918240e975e0cade4f47d005446\"\u003e\u003ccode\u003ef0b6f5b\u003c/code\u003e\u003c/a\u003e Add pseudonym OID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/3df48a311d4b53dc6493b7a47a8d07f3669957d9\"\u003e\u003ccode\u003e3df48a3\u003c/code\u003e\u003c/a\u003e Fix missing CVE ID.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90\"\u003e\u003ccode\u003e2e49283\u003c/code\u003e\u003c/a\u003e Add x509 \u003ccode\u003ebasicConstraints\u003c/code\u003e check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85\"\u003e\u003ccode\u003ebdecf11\u003c/code\u003e\u003c/a\u003e Add canonical signature scaler check for S \u0026lt; L.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/af094e69c60ac5f7b29f2b1957c53ae5e12fd4a0\"\u003e\u003ccode\u003eaf094e6\u003c/code\u003e\u003c/a\u003e Add RSA padding and DigestInfo length checks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/796eeb1673f6ec636fda02dfc295047d9f7aefe0\"\u003e\u003ccode\u003e796eeb1\u003c/code\u003e\u003c/a\u003e Improve jsbn fix.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/digitalbazaar/forge/compare/v1.3.1...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vm2` from 3.9.19 to 3.11.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/releases\"\u003evm2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.11.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/patriksimek/vm2/issues/566\"\u003e#566\u003c/a\u003e\u003c/strong\u003e — Restore \u003ccode\u003eutil.inspect\u003c/code\u003e output on Node 26+. \u003ccode\u003econsole.log(vm.run(...))\u003c/code\u003e was rendering as \u003ccode\u003eProxy(Proxy({}))\u003c/code\u003e / \u003ccode\u003eProxy(Proxy([]))\u003c/code\u003e instead of the underlying value. Triggered by Node 26's stricter handling of nested proxies in the inspector.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/patriksimek/vm2/issues/567\"\u003e#567\u003c/a\u003e\u003c/strong\u003e — Restore array iteration on \u003ccode\u003evm.freeze()\u003c/code\u003e'd host arrays. Calling \u003ccode\u003e.map()\u003c/code\u003e / \u003ccode\u003e.filter()\u003c/code\u003e / \u003ccode\u003e.forEach()\u003c/code\u003e etc. inside the sandbox on a frozen host object containing arrays threw\n\u003ccode\u003eTypeError: 'isExtensible' on proxy: trap result does not reflect extensibility of proxy target\u003c/code\u003e. Regression from the 3.11.0 proxy-invariant hardening.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/patriksimek/vm2/pull/568\"\u003e#568\u003c/a\u003e\u003c/strong\u003e — Fix \u003ccode\u003e.node\u003c/code\u003e extension handler key in \u003ccode\u003elib/resolver.js\u003c/code\u003e (the key was \u003ccode\u003e' .node'\u003c/code\u003e with a leading space, so native addon resolution silently fell through to the default path). Thanks to \u003ca href=\"https://github.com/cherr-cc\"\u003e\u003ccode\u003e@​cherr-cc\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eUpgrade Notes\u003c/h2\u003e\n\u003cp\u003eDrop-in replacement for 3.11.4. No API or configuration changes.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.4...v3.11.5\"\u003ehttps://github.com/patriksimek/vm2/compare/v3.11.4...v3.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.4\u003c/h2\u003e\n\u003cp\u003eTen advisories closed. Patch release — no API changes for valid configurations.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-c4cf-2hgv-2qv6\u003c/strong\u003e — Bridge \u003ccode\u003eset\u003c/code\u003e trap ignoring ECMA-262 §9.5.9 \u003ccode\u003eReceiver\u003c/code\u003e, letting \u003ccode\u003eObject.create(hostObj)\u003c/code\u003e children and \u003ccode\u003eReflect.set(hostObj, k, v, custom)\u003c/code\u003e writes leak onto the host object (write-channel → RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-m5q2-4fm3-vfqp\u003c/strong\u003e — Cross-realm \u003ccode\u003eSymbol.for\u003c/code\u003e namespace leak + missing dangerous-symbol guards on the bridge's write traps (\u003ccode\u003eset\u003c/code\u003e / \u003ccode\u003edefineProperty\u003c/code\u003e / \u003ccode\u003edeleteProperty\u003c/code\u003e), enabling sandbox-installed \u003ccode\u003enodejs.util.promisify.custom\u003c/code\u003e / stream brand / webstream hooks on host objects (RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-v6mx-mf47-r5wg\u003c/strong\u003e — Host prototype mutation via \u003ccode\u003eFunction.prototype.{call,apply,bind}\u003c/code\u003e and \u003ccode\u003eReflect.{apply,construct}\u003c/code\u003e indirection through \u003ccode\u003eObject.prototype.__proto__\u003c/code\u003e setter, severing host intrinsic prototype chains and escaping via \u003ccode\u003ethisEnsureThis\u003c/code\u003e proto-walk fallthrough (RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-q3fm-4wcw-g57x\u003c/strong\u003e — Defense Invariant \u003ca href=\"https://redirect.github.com/patriksimek/vm2/issues/11\"\u003e#11\u003c/a\u003e violation in \u003ccode\u003edefaultSandboxPrepareStackTrace\u003c/code\u003e (second variant of GHSA-9qj6-qjgg-37qq in a different file): sandbox-installed \u003ccode\u003eArray.prototype[N]\u003c/code\u003e setter / \u003ccode\u003eArray.prototype.join\u003c/code\u003e override could observe bridge-internal stack-trace state.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-76w7-j9cq-rx2j\u003c/strong\u003e — Promise species hijack in \u003ccode\u003elocalPromise\u003c/code\u003e's swallow-tail, hijacking the downstream child constructor to capture V8's internal \u003ccode\u003e(resolve, reject)\u003c/code\u003e capability and reach a raw host-realm error → host \u003ccode\u003eFunction\u003c/code\u003e (RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-m4wx-m65x-ghrr\u003c/strong\u003e — NodeVM constructor patch bypass of GHSA-8hg8-63c5-gwmx: any truthy \u003ccode\u003enesting\u003c/code\u003e paired with a non-real-config \u003ccode\u003erequire\u003c/code\u003e produced a NESTING_OVERRIDE-only resolver → inner NodeVM with attacker-chosen \u003ccode\u003erequire\u003c/code\u003e → \u003ccode\u003echild_process\u003c/code\u003e RCE.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-6j2x-vhqr-qr7q\u003c/strong\u003e — WebAssembly JSPI (\u003ccode\u003eWebAssembly.promising\u003c/code\u003e / \u003ccode\u003eWebAssembly.Suspending\u003c/code\u003e, Node 24+ behind a flag, Node 26+ default) producing Promise objects with a host-realm \u003ccode\u003e[[Prototype]]\u003c/code\u003e chain and no bridge interposition; species hijack delivers a raw host-realm rejection to sandbox \u003ccode\u003e.catch\u003c/code\u003e → host \u003ccode\u003eFunction\u003c/code\u003e (RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-rp36-8xq3-r6c4\u003c/strong\u003e — NodeVM builtin denylist bypass via \u003ccode\u003eprocess\u003c/code\u003e (whose \u003ccode\u003egetBuiltinModule(name)\u003c/code\u003e reloads any core module regardless of allow/deny config) and \u003ccode\u003einspector/promises\u003c/code\u003e (whose \u003ccode\u003eSession().post('Runtime.evaluate', ...)\u003c/code\u003e evaluates attacker JS in the host realm). Supersedes GHSA-947f-4v7f-x2v8.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-r9pm-gxmw-wv6p\u003c/strong\u003e — NodeVM \u003ccode\u003ebuiltin: ['*']\u003c/code\u003e wildcard exposing Node's undocumented underscored network builtins (\u003ccode\u003e_http_client\u003c/code\u003e, \u003ccode\u003e_http_server\u003c/code\u003e, \u003ccode\u003e_tls_*\u003c/code\u003e, \u003ccode\u003e_stream_*\u003c/code\u003e) even when the documented \u003ccode\u003e-http\u003c/code\u003e/\u003ccode\u003e-https\u003c/code\u003e/\u003ccode\u003e-net\u003c/code\u003e/\u003ccode\u003e-tls\u003c/code\u003e exclusions were used — SSR...\n\n_Description has been truncated_","html_url":"https://github.com/HarleyCoops/ai/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Fai/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4490800286","node_id":"PR_kwDOHLC4Gs7dvnhb","number":3,"state":"open","title":"build(deps): bump serve-static and express in /storefront-UI-project","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-21T00:33:19.000Z","updated_at":"2026-05-21T00:33:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.14.2","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.17.3","new_version":"4.22.2"}],"path":"/storefront-UI-project","ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.14.2 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.2...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.3 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.3...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/eggheadio/egghead-projects/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/eggheadio/egghead-projects/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eggheadio%2Fegghead-projects/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"4479033558","node_id":"PR_kwDOEzH_b87dJlxJ","number":2257,"state":"closed","title":"Bump the npm_and_yarn group across 4 directories with 23 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T05:09:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T16:11:40.000Z","updated_at":"2026-05-22T05:10:04.000Z","time_to_close":219494,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":23,"packages":[{"name":"@babel/runtime","old_version":"7.27.1","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"semver","old_version":"6.3.1","new_version":"7.8.0","repository_url":"https://github.com/npm/node-semver"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"express","old_version":"4.21.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"path-to-regexp","old_version":"0.1.12","new_version":"0.1.13","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.5","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.9","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"serve-static","old_version":"1.16.2","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the /samples/app-localization/nodejs/client directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.27.1` | `7.29.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.1` |\n| [semver](https://github.com/npm/node-semver) | `6.3.1` | `7.8.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [express](https://github.com/expressjs/express) | `4.21.2` | `4.22.2` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `0.1.12` | `0.1.13` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.9` | `1.16.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.16.2` | `1.16.3` |\n\nBumps the npm_and_yarn group with 4 updates in the /samples/tab-add-in-combined/nodejs/add-in directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime), [js-yaml](https://github.com/nodeca/js-yaml), [semver](https://github.com/npm/node-semver) and [body-parser](https://github.com/expressjs/body-parser).\nBumps the npm_and_yarn group with 13 updates in the /samples/tab-add-in-combined/nodejs/tab directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.27.0` | `7.29.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.1` |\n| [semver](https://github.com/npm/node-semver) | `6.3.1` | `7.8.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [express](https://github.com/expressjs/express) | `4.21.2` | `4.22.2` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `0.1.12` | `0.1.13` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.9` | `1.16.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.16.2` | `1.16.3` |\n| [axios](https://github.com/axios/axios) | `1.8.4` | `1.16.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n\nBumps the npm_and_yarn group with 16 updates in the /samples/tab-staggered-permission/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.7` | `1.16.0` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `removed` |\n| [@azure/msal-node](https://github.com/AzureAD/microsoft-authentication-library-for-js) | `1.9.0` | `1.18.4` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n\n\nUpdates `@babel/runtime` from 7.27.1 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f68ac511f091f6d1f698e8ce59cd668d3bfc6102\"\u003e\u003ccode\u003ef68ac51\u003c/code\u003e\u003c/a\u003e chore: Avoid CITGM errors (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17382\"\u003e#17382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110\"\u003e\u003ccode\u003ebaa4cb8\u003c/code\u003e\u003c/a\u003e v7.27.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/7d069309fdfcedda2928a043f6f7c98135c1242a\"\u003e\u003ccode\u003e7d06930\u003c/code\u003e\u003c/a\u003e v7.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/5b9468d9bf1ab4f427241673e9f03593da115a69\"\u003e\u003ccode\u003e5b9468d\u003c/code\u003e\u003c/a\u003e Reduce \u003ccode\u003eregenerator\u003c/code\u003e size more (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17287\"\u003e#17287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cb78b5b50e327e27467086cf8bbe196bda7cea9b\"\u003e\u003ccode\u003ecb78b5b\u003c/code\u003e\u003c/a\u003e [babel 8] Do not replace global \u003ccode\u003eregeneratorRuntime\u003c/code\u003e references in regenerato...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/runtime\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 6.3.1 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/efa4be6096c1f9b77d9d27d6132f6220c43b4e31\"\u003e\u003ccode\u003eefa4be6\u003c/code\u003e\u003c/a\u003e chore: release 7.8.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/847\"\u003e#847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply@5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e fix: Warn when defaulting to --inc=patch in CLI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e feat: Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e docs: fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e docs: fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5993c2e42bdf17c5f03e6360da51bc707fcee460\"\u003e\u003ccode\u003e5993c2e\u003c/code\u003e\u003c/a\u003e chore: release 7.7.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e deps: \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.29.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/node-semver/compare/v6.3.1...v7.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for semver since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.1 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.21.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.12 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.7 / 2015-07-28\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression with escaped round brackets and matching groups.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.6 / 2015-06-19\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eReplace \u003ccode\u003eindex\u003c/code\u003e feature by outputting all parameters, unnamed and named.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.5 / 2015-05-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdd an index property for position in match result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.4 / 2015-03-05\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdd license information\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.3 / 2014-07-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBetter array support\u003c/li\u003e\n\u003cli\u003eImproved support for trailing slash in non-ending mode\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.0 / 2014-03-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eadd options.end\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.0.2 / 2013-02-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to match current express\u003c/li\u003e\n\u003cli\u003eadd .license property to component.json\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 5.1.6 to 5.1.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare vi...\n\n_Description has been truncated_","html_url":"https://github.com/OfficeDev/Microsoft-Teams-Samples/pull/2257","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OfficeDev%2FMicrosoft-Teams-Samples/issues/2257","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2257/packages"},{"uuid":"4473194387","node_id":"PR_kwDON_zH6c7c2y4n","number":48,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":20,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T23:10:58.000Z","updated_at":"2026-05-19T00:10:36.588Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"axios","old_version":"1.15.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"express","old_version":"4.22.1","new_version":"5.2.1","repository_url":"https://github.com/expressjs/express"},{"name":"body-parser","old_version":"1.20.4","new_version":"2.2.2"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2"},{"name":"send","old_version":"0.19.2","new_version":"1.2.1"},{"name":"serve-static","old_version":"1.16.3","new_version":"2.2.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the / directory: [axios](https://github.com/axios/axios) and [express](https://github.com/expressjs/express).\n\nUpdates `axios` from 1.15.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.22.1 to 5.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 5.2.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6933\"\u003eexpressjs/express#6933\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v5.2.0...v5.2.1\"\u003ehttps://github.com/expressjs/express/compare/v5.2.0...v5.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6429\"\u003eexpressjs/express#6429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor: simplify \u003ccode\u003eacceptsLanguages\u003c/code\u003e implementation using spread operator by \u003ca href=\"https://github.com/Ayoub-Mabrouk\"\u003e\u003ccode\u003e@​Ayoub-Mabrouk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6137\"\u003eexpressjs/express#6137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eincreased code coverage of utils.js file by \u003ca href=\"https://github.com/ashish3011\"\u003e\u003ccode\u003e@​ashish3011\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6386\"\u003eexpressjs/express#6386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove duplicate word by \u003ca href=\"https://github.com/dufucun\"\u003e\u003ccode\u003e@​dufucun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6456\"\u003eexpressjs/express#6456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6498\"\u003eexpressjs/express#6498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6497\"\u003eexpressjs/express#6497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6496\"\u003eexpressjs/express#6496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6504\"\u003eexpressjs/express#6504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update codeql config by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6488\"\u003eexpressjs/express#6488\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6512\"\u003eexpressjs/express#6512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typos in test by \u003ca href=\"https://github.com/noritaka1166\"\u003e\u003ccode\u003e@​noritaka1166\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6535\"\u003eexpressjs/express#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: disable credential persistence for checkout actions by \u003ca href=\"https://github.com/mertssmnoglu\"\u003e\u003ccode\u003e@​mertssmnoglu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6522\"\u003eexpressjs/express#6522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: allow manual triggering of workflow by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6515\"\u003eexpressjs/express#6515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: add coverage for app.listen() variants by \u003ca href=\"https://github.com/kgarg1\"\u003e\u003ccode\u003e@​kgarg1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6476\"\u003eexpressjs/express#6476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: move documentation and charters to the discussions and .github … by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6427\"\u003eexpressjs/express#6427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6549\"\u003eexpressjs/express#6549\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6548\"\u003eexpressjs/express#6548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: enforce explicit \u003ccode\u003eBuffer\u003c/code\u003e import and add lint rule by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6525\"\u003eexpressjs/express#6525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: use node protocol for querystring by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6520\"\u003eexpressjs/express#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typo by \u003ca href=\"https://github.com/mountdisk\"\u003e\u003ccode\u003e@​mountdisk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6609\"\u003eexpressjs/express#6609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6618\"\u003eexpressjs/express#6618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd deprecation warnings for redirect arguments undefined by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6405\"\u003eexpressjs/express#6405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: run CI when the markdown changes by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6632\"\u003eexpressjs/express#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: fix CONTRIBUTING link by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6653\"\u003eexpressjs/express#6653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: update contributing guidelines and code of conduct links by \u003ca href=\"https://github.com/ShubhamOulkar\"\u003e\u003ccode\u003e@​ShubhamOulkar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6601\"\u003eexpressjs/express#6601\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump morgan from 1.10.0 to 1.10.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6679\"\u003eexpressjs/express#6679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump cookie-session from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6678\"\u003eexpressjs/express#6678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elint: add --fix flag to automatic fix linting issue by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6644\"\u003eexpressjs/express#6644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: ignore yarn.lock file and update example by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6588\"\u003eexpressjs/express#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elib: use req.socket over deprecated req.connection by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6705\"\u003eexpressjs/express#6705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: update express app example by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6718\"\u003eexpressjs/express#6718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6675\"\u003eexpressjs/express#6675\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove history.md from being packaged on publish by \u003ca href=\"https://github.com/sheplu\"\u003e\u003ccode\u003e@​sheplu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6780\"\u003eexpressjs/express#6780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/master/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.2.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.2.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003ebody-parser@^2.2.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eA deprecation warning was added when using \u003ccode\u003eres.redirect\u003c/code\u003e with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.1.0 / 2025-03-31\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003eUint8Array\u003c/code\u003e in \u003ccode\u003eres.send()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for ETag option in \u003ccode\u003eres.sendFile()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for multiple links with the same rel in \u003ccode\u003eres.links()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd funding field to package.json\u003c/li\u003e\n\u003cli\u003eperf: use loop for acceptParams\u003c/li\u003e\n\u003cli\u003erefactor: prefix built-in node module imports\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003esetprototypeof\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003esafe-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003eutils-merge\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003emethods\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003edepd\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003edebug@^4.4.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003ebody-parser@^2.2.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003erouter@^2.2.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003econtent-type@^1.0.5\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003efinalhandler@^2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003eqs@^6.14.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003eserver-static@2.2.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003etype-is@2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.0.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003ecookie\u003c/code\u003e semver lock to address \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.0.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eremove:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epath-is-absolute\u003c/code\u003e dependency - use \u003ccode\u003epath.isAbsolute\u003c/code\u003e instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ebreaking:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eres.status()\u003c/code\u003e accepts only integers, and input must be greater than 99 and less than 1000\n\u003cul\u003e\n\u003cli\u003ewill throw a \u003ccode\u003eRangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.\u003c/code\u003e for inputs outside this range\u003c/li\u003e\n\u003cli\u003ewill throw a \u003ccode\u003eTypeError: Invalid status code: ${code}. Status code must be an integer.\u003c/code\u003e for non integer inputs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@1.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dbac741a49a5a64336b70c06e85c2e2706e36336\"\u003e\u003ccode\u003edbac741\u003c/code\u003e\u003c/a\u003e 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/697547cde621d8b0a47b4fff6e98b29337f8c980\"\u003e\u003ccode\u003e697547c\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/4007ad103ba29f6426b2ec9eccfb1ceb792682a8\"\u003e\u003ccode\u003e4007ad1\u003c/code\u003e\u003c/a\u003e Release: 5.2.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6920\"\u003e#6920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/2f64f68c37c64ae333e41ff38032d21860f22255\"\u003e\u003ccode\u003e2f64f68\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/ed0ba3f1dc905d6b62eabf23bd383abcae4901ba\"\u003e\u003ccode\u003eed0ba3f\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6928\"\u003e#6928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8eace4603cb2547608578a4fbb259dc984216f71\"\u003e\u003ccode\u003e8eace46\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.31.2 to 4.31.6 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6929\"\u003e#6929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/30bae810279b2ea162bed5b14ce6c35a110a87f5\"\u003e\u003ccode\u003e30bae81\u003c/code\u003e\u003c/a\u003e build(deps): bump coverallsapp/github-action from 2.3.6 to 2.3.7 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6930\"\u003e#6930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/758d4355d45322b4c8cd347ebcefbf3b154c7e7f\"\u003e\u003ccode\u003e758d435\u003c/code\u003e\u003c/a\u003e deps: body-parser@^2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6922\"\u003e#6922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/77bcd5274a87047e5b3fe2f17f6c342db3909c53\"\u003e\u003ccode\u003e77bcd52\u003c/code\u003e\u003c/a\u003e docs: update emeritus triagers (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6890\"\u003e#6890\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f33caf1f89a028f0ea98ff5a156a68e65a2eabdd\"\u003e\u003ccode\u003ef33caf1\u003c/code\u003e\u003c/a\u003e Nominate to \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e for triage team (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6888\"\u003e#6888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v5.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.4 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.0 / 2025-03-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor: normalize common options for all parsers\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003eiconv-lite@^0.6.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.1.0 / 2025-02-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.0\u003c/li\u003e\n\u003cli\u003edebug@^4.4.0\u003c/li\u003e\n\u003cli\u003eRemoved destroy\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003erefactor: prefix built-in node module imports\u003c/li\u003e\n\u003cli\u003euse the node require cache instead of custom caching\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.0.2 / 2024-10-31\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eremove \u003ccode\u003eunpipe\u003c/code\u003e package and use native \u003ccode\u003eunpipe()\u003c/code\u003e method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.0.1 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore expected behavior \u003ccode\u003eextended\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.0.0 / 2024-09-10\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode.js 18 is the minimum supported version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.19.2 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add CodeQl (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/250\"\u003epillarjs/send#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/255\"\u003epillarjs/send#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[StepSecurity] Apply security best practices by \u003ca href=\"https://github.com/step-security-bot\"\u003e\u003ccode\u003e@​step-security-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/256\"\u003epillarjs/send#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/265\"\u003epillarjs/send#265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 2.23.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/266\"\u003epillarjs/send#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/257\"\u003epillarjs/send#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/269\"\u003epillarjs/send#269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.29.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/268\"\u003epillarjs/send#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/267\"\u003epillarjs/send#267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.11 to 4.31.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/278\"\u003epillarjs/send#278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/277\"\u003epillarjs/send#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/276\"\u003epillarjs/send#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/275\"\u003epillarjs/send#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/272\"\u003epillarjs/send#272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/262\"\u003epillarjs/send#262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump supertest from 6.2.2 to 6.3.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/260\"\u003epillarjs/send#260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/283\"\u003epillarjs/send#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.31.2 to 4.31.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/282\"\u003epillarjs/send#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove HISTORY.md from tarball by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/285\"\u003epillarjs/send#285\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add Node.js 25 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/284\"\u003epillarjs/send#284\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependency ranges to latest versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/286\"\u003epillarjs/send#286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.2.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/281\"\u003epillarjs/send#281\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security-bot\"\u003e\u003ccode\u003e@​step-security-bot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/256\"\u003epillarjs/send#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/266\"\u003epillarjs/send#266\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/1.2.0...1.2.1\"\u003ehttps://github.com/pillarjs/send/compare/1.2.0...1.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): updated dependency \u003ccode\u003efresh\u003c/code\u003e to v2 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/247\"\u003epillarjs/send#247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove obsolete dependency \u003ccode\u003edestroy\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/245\"\u003epillarjs/send#245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: remove security file by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/248\"\u003epillarjs/send#248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: update \u003ccode\u003emime-types\u003c/code\u003e to v3.0.1 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/251\"\u003epillarjs/send#251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update ci workflow and remove appveyor by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/249\"\u003epillarjs/send#249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor:  remove \u003ccode\u003egetHeaderNames()\u003c/code\u003e polyfill and refactor \u003ccode\u003eclearHeaders()\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/243\"\u003epillarjs/send#243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease 1.2.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/252\"\u003epillarjs/send#252\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/247\"\u003epillarjs/send#247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/248\"\u003epillarjs/send#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/1.1.0...1.2.0\"\u003ehttps://github.com/pillarjs/send/compare/1.1.0...1.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.2.1 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMinor changes (package metadata)\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edebug@^4.4.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ehttp-errors@^2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003emime-types@^3.0.2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatuses@^2.0.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.2.0 / 2025-03-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003emime-types@^3.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003efresh@^2.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eremoved \u003ccode\u003edestroy\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eremove \u003ccode\u003egetHeaderNames()\u003c/code\u003e polyfill and refactor \u003ccode\u003eclearHeaders()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.1.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eChanges from 0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.0.0 / 2024-07-25\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Node.js \u0026lt;18.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatuses@^2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003erange-parser@^1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eon-finished@^2.4.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ems@^2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003emime-types@^2.1.35\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ehttp-errors@^2.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003efresh@^0.5.2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eetag@^1.8.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eescape-html@^1.0.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eencodeurl@^2.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edestroy@^1.2.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edebug@^4.3.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.0.0-beta.2 / 2024-03-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eChanges from 0.18.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.0.0-beta.1 / 2022-02-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Node.js 0.8\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/096a6148bea0b82ca974fe0016e6eac280869249\"\u003e\u003ccode\u003e096a614\u003c/code\u003e\u003c/a\u003e 1.2.1 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/861e3c609c52669c79ef7e5e268cc3d6a51f6912\"\u003e\u003ccode\u003e861e3c6\u003c/code\u003e\u003c/a\u003e chore: update depenency ranges to latest versions (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/a40fcd4aef752bc0540234e36d5f3e6a1e384852\"\u003e\u003ccode\u003ea40fcd4\u003c/code\u003e\u003c/a\u003e ci: add Node.js 25 to test matrix (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/7740dde70eb61547c87089b53619089a5c911502\"\u003e\u003ccode\u003e7740dde\u003c/code\u003e\u003c/a\u003e chore: remove HISTORY.md from tarball (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/285\"\u003e#285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f532f4115fc6c92ade88c5abe83297d64a39e515\"\u003e\u003ccode\u003ef532f41\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.31.2 to 4.31.5 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f9b651ff01c8761b7ec0ddefcc92baa19789c7eb\"\u003e\u003ccode\u003ef9b651f\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/db2558b7bd3fe7f183e54e50bc753a725822755a\"\u003e\u003ccode\u003edb2558b\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump supertest from 6.2.2 to 6.3.4 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/136fcf6465495db3e8b55d9463721e12613333af\"\u003e\u003ccode\u003e136fcf6\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/262\"\u003e#262\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/fac9c3f6af95e55d93966a334c2565f434fff6a7\"\u003e\u003ccode\u003efac9c3f\u003c/code\u003e\u003c/a\u003e build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/cd0c2535f31100a4224c82deb32e93e3b07b0ac1\"\u003e\u003ccode\u003ecd0c253\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/setup-node from 4 to 6 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.2...1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.16.3 to 2.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/202\"\u003eexpressjs/serve-static#202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/201\"\u003eexpressjs/serve-static#201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/204\"\u003eexpressjs/serve-static#204\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/205\"\u003eexpressjs/serve-static#205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/209\"\u003eexpressjs/serve-static#209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/210\"\u003eexpressjs/serve-static#210\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/211\"\u003eexpressjs/serve-static#211\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/212\"\u003eexpressjs/serve-static#212\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/213\"\u003eexpressjs/serve-static#213\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/216\"\u003eexpressjs/serve-static#216\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/226\"\u003eexpressjs/serve-static#226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/225\"\u003eexpressjs/serve-static#225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 4.31.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/224\"\u003eexpressjs/serve-static#224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR updates 6 npm dependencies across the project, including major version bumps for axios (1.15.0→1.15.2) and express (4.22.0→5.2.1), along with 4 indirect dependency updates to enhance security and maintain compatibility.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Axios Update**: Upgraded from 1.15.0 to 1.15.2 with critical security fixes for prototype pollution, SSRF vulnerabilities, and memory leaks\n- **Express Major Version**: Updated from 4.22.0 to 5.2.1, representing a major version upgrade with breaking changes and new features\n- **Indirect Dependencies**: Updated body-parser (1.20.4→2.2.2), qs (6.14.2→6.15.2), send (0.19.2→1.2.1), and serve-static (1.16.3→2.2.1)\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[package.json] --\u003e B[Direct Dependencies]\n    A --\u003e C[Indirect Dependencies]\n    B --\u003e D[axios ^1.15.2]\n    B --\u003e E[express ^5.2.1]\n    C --\u003e F[body-parser 2.2.2]\n    C --\u003e G[qs 6.15.2]\n    C --\u003e H[send 1.2.1]\n    C --\u003e I[serve-static 2.2.1]\n    \n    D --\u003e J[Security Fixes]\n    E --\u003e K[Breaking Changes]\n    F --\u003e L[CVE Patches]\n    \n    J --\u003e M[Prototype Pollution Protection]\n    J --\u003e N[SSRF Mitigation]\n    J --\u003e O[Memory Leak Fixes]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including prototype pollution, SSRF vulnerabilities, and authentication bypass issues\n- **Breaking Changes**: Express 5.x introduces breaking changes that may require code modifications for status code handling and deprecated features\n- **Performance Improvements**: Memory leak fixes in axios and optimizations across updated dependencies improve application stability\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/llama-fs/pull/48","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fllama-fs/issues/48","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/48/packages"},{"uuid":"4411419075","node_id":"PR_kwDOIVmTkc7ZysX_","number":14,"state":"closed","title":"Bump serve-static and express in /src","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-09T06:11:10.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-09T06:09:29.000Z","updated_at":"2026-05-09T06:11:11.000Z","time_to_close":101,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.18.1","new_version":"4.22.1"}],"path":"/src","ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.1 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.1...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lombaardj/containerapps-albumui/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/lombaardj/containerapps-albumui/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lombaardj%2Fcontainerapps-albumui/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4395367703","node_id":"PR_kwDOMh9OFc7Y-Grf","number":2,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-07T00:48:51.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-07T00:48:43.000Z","updated_at":"2026-05-07T00:48:53.000Z","time_to_close":8,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"express","old_version":"4.19.2","new_version":"4.22.0","repository_url":"https://github.com/expressjs/express"},{"name":"nanoid","old_version":"5.0.7","new_version":"5.0.9","repository_url":"https://github.com/ai/nanoid"},{"name":"cookie","old_version":"0.6.0","new_version":"0.7.2"},{"name":"path-to-regexp","old_version":"0.1.7","new_version":"0.1.13"},{"name":"qs","old_version":"6.11.0","new_version":"6.14.2"},{"name":"send","old_version":"0.18.0","new_version":"0.19.2"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"tar","old_version":"6.2.1","new_version":"7.5.14"},{"name":"tar-fs","old_version":"2.1.1","new_version":"2.1.4"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the / directory: [express](https://github.com/expressjs/express), [nanoid](https://github.com/ai/nanoid) and [@tootallnate/once](https://github.com/TooTallNate/once).\n\nUpdates `express` from 4.19.2 to 4.22.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003e\u0026quot;back\u0026quot;\u003c/code\u003e magic string in redirects by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5935\"\u003eexpressjs/express#5935\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efinalhandler@1.3.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5954\"\u003eexpressjs/express#5954\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): serve-static@1.16.2 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5951\"\u003eexpressjs/express#5951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgraded dependency qs to 6.13.0 to match qs in body-parser by \u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/4.22.0/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eWill be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/3a5edfaff06f1a2c7079b08d0635108b371eddfd\"\u003e\u003ccode\u003e3a5edfa\u003c/code\u003e\u003c/a\u003e fix(ci): updated github actions ci workflow (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6323\"\u003e#6323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/52d978119a7af27667cce5d99ac0739dc269d818\"\u003e\u003ccode\u003e52d9781\u003c/code\u003e\u003c/a\u003e fix(test): add test for method routes without paths \u003ca href=\"https://redirect.github.com/expressjs/express/issues/5955\"\u003e#5955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.19.2...4.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nanoid` from 5.0.7 to 5.0.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/releases\"\u003enanoid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a way to break Nano ID by passing non-integer size (by \u003ca href=\"https://github.com/myndzi\"\u003e\u003ccode\u003e@​myndzi\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced \u003ccode\u003ecustomAlphabet\u003c/code\u003e size (by \u003ca href=\"https://github.com/kirillgroshkov\"\u003e\u003ccode\u003e@​kirillgroshkov\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/blob/main/CHANGELOG.md\"\u003enanoid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a way to break Nano ID by passing non-integer size (by \u003ca href=\"https://github.com/myndzi\"\u003e\u003ccode\u003e@​myndzi\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced \u003ccode\u003ecustomAlphabet\u003c/code\u003e size (by \u003ca href=\"https://github.com/kirillgroshkov\"\u003e\u003ccode\u003e@​kirillgroshkov\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/65a38ac63a0709c420b9de30b15511b84e87c423\"\u003e\u003ccode\u003e65a38ac\u003c/code\u003e\u003c/a\u003e Release 5.0.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/b00d120d7a88ef045df0835c89fed6bf29b26bda\"\u003e\u003ccode\u003eb00d120\u003c/code\u003e\u003c/a\u003e Merge after 3.3.8 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/3044cd5e73f4cf31795f61f6e6b961c8c0a5c744\"\u003e\u003ccode\u003e3044cd5\u003c/code\u003e\u003c/a\u003e Release 3.3.8 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/cdc3edc2f57652d97e566acecef7f1bb0f4650db\"\u003e\u003ccode\u003ecdc3edc\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/4fe34959c34e5b3573889ed4f24fe91d1d3e7231\"\u003e\u003ccode\u003e4fe3495\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/d643045f40d6dc8afa000a644d857da1436ed08c\"\u003e\u003ccode\u003ed643045\u003c/code\u003e\u003c/a\u003e Fix pool pollution, infinite loop (\u003ca href=\"https://redirect.github.com/ai/nanoid/issues/510\"\u003e#510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/0daa00f68acc2f958ba19f73ddef700ce4049ab7\"\u003e\u003ccode\u003e0daa00f\u003c/code\u003e\u003c/a\u003e Additional fixes and tests for \u003ca href=\"https://redirect.github.com/ai/nanoid/issues/508\"\u003e#508\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ai/nanoid/issues/509\"\u003e#509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/313a14eb0e0557adba8a00d22b66f6a41a8b1cee\"\u003e\u003ccode\u003e313a14e\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/eb2db95a181c1cd42580f1c5ff88e455ad03ffb7\"\u003e\u003ccode\u003eeb2db95\u003c/code\u003e\u003c/a\u003e Fix size limit and linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/9da8f607e1ebaae1aac73c9ba7fb199b5a4592f6\"\u003e\u003ccode\u003e9da8f60\u003c/code\u003e\u003c/a\u003e Fix pool pollution, infinite loop (\u003ca href=\"https://redirect.github.com/ai/nanoid/issues/508\"\u003e#508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ai/nanoid/compare/5.0.7...5.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@tootallnate/once`\n\nUpdates `cookie` from 0.6.0 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport non-lookahead regex output\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow a non-lookahead regex (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/312\"\u003e#312\u003c/a\u003e)  c4272e4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\"\u003ehttps://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport named matching groups in \u003ccode\u003eRegExp\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for named matching groups (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/301\"\u003e#301\u003c/a\u003e)  114f62d\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/640e694c6fd971f78268439df9cf44040855e669\"\u003e\u003ccode\u003e640e694\u003c/code\u003e\u003c/a\u003e 0.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4\"\u003e\u003ccode\u003ef01c26a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/0c7119248b7cb528a0aea3ba45ed4e2db007cba4\"\u003e\u003ccode\u003e0c71192\u003c/code\u003e\u003c/a\u003e 0.1.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8f095497d678c2ec3495a99ab3928748731e73ee\"\u003e\u003ccode\u003e8f09549\u003c/code\u003e\u003c/a\u003e Add error on bad input values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868\"\u003e\u003ccode\u003ec827fce\u003c/code\u003e\u003c/a\u003e 0.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f\"\u003e\u003ccode\u003e29b96b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to parameters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7\"\u003e\u003ccode\u003eac4c234\u003c/code\u003e\u003c/a\u003e Update repo url (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53\"\u003e\u003ccode\u003ebdb6635\u003c/code\u003e\u003c/a\u003e 0.1.9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.0 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.0...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.18.0 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 6.2.1 to 7.5.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/d6611ae951056addb77c6e11baf7bcc9d7648e46\"\u003e\u003ccode\u003ed6611ae\u003c/code\u003e\u003c/a\u003e 7.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/119c401f4f7efbeb112d28f9dfc9c489674c9a79\"\u003e\u003ccode\u003e119c401\u003c/code\u003e\u003c/a\u003e fix(extract): prevent raced symlink writes outside cwd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2a294d3fbb24c18dc80f31059f49dd9af15653fe\"\u003e\u003ccode\u003e2a294d3\u003c/code\u003e\u003c/a\u003e 7.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/01082a42c3256ca6054f9627911cce4dbfe00d92\"\u003e\u003ccode\u003e01082a4\u003c/code\u003e\u003c/a\u003e fix: reject top promise on floating addFilesAsync rejections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/dd1c36ab7acff26e5a34935d17f27a45bb088db3\"\u003e\u003ccode\u003edd1c36a\u003c/code\u003e\u003c/a\u003e linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/35a1ffe73eb4aa05cd2613f8fdcfb4c9c9ed59f9\"\u003e\u003ccode\u003e35a1ffe\u003c/code\u003e\u003c/a\u003e doc: more clarity in security warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v6.2.1...v7.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 2.1.1 to 2.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/f421a235565b6a6d305bdf87e999ebdfae9dd1cc\"\u003e\u003ccode\u003ef421a23\u003c/code\u003e\u003c/a\u003e 2.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c412fa130e216d4c01392f6fb62c8725c1a4ac8b\"\u003e\u003ccode\u003ec412fa1\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/4b7e8688a54268b7c3268848504167635050aa10\"\u003e\u003ccode\u003e4b7e868\u003c/code\u003e\u003c/a\u003e 2.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/266194b94b5ab0b6c2ad2739e4247970dbd1e7ba\"\u003e\u003ccode\u003e266194b\u003c/code\u003e\u003c/a\u003e hardlink tweak from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/d97731b0e1b8a244ab859784b514cfcf5585ad3d\"\u003e\u003ccode\u003ed97731b\u003c/code\u003e\u003c/a\u003e 2.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/fd1634e869e7c5f85948e95eabdaa8451a085de5\"\u003e\u003ccode\u003efd1634e\u003c/code\u003e\u003c/a\u003e symlink tweak from main\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v2.1.1...v2.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ZhongRuoyu/shorten.js/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ZhongRuoyu/shorten.js/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZhongRuoyu%2Fshorten.js/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4372318791","node_id":"PR_kwDOLCages7Xy6_K","number":11,"state":"closed","title":"Bump serve-static from 1.13.2 to 1.16.3 in the npm_and_yarn group across 0 directory","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-03T17:06:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-03T16:21:29.000Z","updated_at":"2026-05-03T17:07:00.000Z","time_to_close":2729,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","old_version":"1.13.2","new_version":"1.16.3","repository_url":null}],"path":"the npm_and_yarn group across 0 directory","ecosystem":"npm"},"body":"Updates `serve-static` from 1.13.2 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.1 / 2019-05-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSet stricter CSP header in redirect response\u003c/li\u003e\n\u003cli\u003edeps: send@0.17.1\n\u003cul\u003e\n\u003cli\u003edeps: range-parser@~1.2.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.0 / 2019-05-07\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.13.2...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serve-static\u0026package-manager=npm_and_yarn\u0026previous-version=1.13.2\u0026new-version=1.16.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bramp/ninaandandrew.com/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bramp/ninaandandrew.com/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bramp%2Fninaandandrew.com/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"},{"uuid":"4297748196","node_id":"PR_kwDONygq0c7UDWSa","number":71,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 4 directories with 5 updates","user":"dependabot[bot]","labels":["needs-review","dependencies","javascript","no-pr-activity"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-20T18:13:48.000Z","updated_at":"2026-05-27T09:52:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":5,"packages":[{"name":"ansi-regex","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"ansi-regex","old_version":"5.0.0","new_version":"5.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"send","old_version":"0.17.1","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps the npm_and_yarn group with 4 updates in the / directory: [ansi-regex](https://github.com/chalk/ansi-regex), [brace-expansion](https://github.com/juliangruber/brace-expansion), [send](https://github.com/pillarjs/send) and [serve-static](https://github.com/expressjs/serve-static).\nBumps the npm_and_yarn group with 1 update in the /07-building-chat-applications/typescript/chat-completions-app directory: [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /08-building-search-applications/typescript/search-app directory: [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /11-integrating-with-function-calling/typescript/function-app directory: [picomatch](https://github.com/micromatch/picomatch).\n\nUpdates `ansi-regex` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/64735d25eb839b55bc9fae3877edb702b4c92ca2\"\u003e\u003ccode\u003e64735d2\u003c/code\u003e\u003c/a\u003e v4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a\"\u003e\u003ccode\u003e75a657d\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 5.0.0 to 5.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/64735d25eb839b55bc9fae3877edb702b4c92ca2\"\u003e\u003ccode\u003e64735d2\u003c/code\u003e\u003c/a\u003e v4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a\"\u003e\u003ccode\u003e75a657d\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.17.1 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.18.0 / 2022-03-23\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.17.2 / 2021-12-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003cli\u003edeps: http-errors@1.8.1\n\u003cul\u003e\n\u003cli\u003edeps: inherits@2.0.4\u003c/li\u003e\n\u003cli\u003edeps: toidentifier@1.0.1\u003c/li\u003e\n\u003cli\u003edeps: setprototypeof@1.2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/b69cbb3dc4c09c37917d08a4c13fcd1bac97ade5\"\u003e\u003ccode\u003eb69cbb3\u003c/code\u003e\u003c/a\u003e 0.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f53edbb7f4f7ebdd936d3d714d84d52f2d3d00f3\"\u003e\u003ccode\u003ef53edbb\u003c/code\u003e\u003c/a\u003e Limit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/706d6ddf0d3c8a9248fc1edbc3ff60bbc6ad7b93\"\u003e\u003ccode\u003e706d6dd\u003c/code\u003e\u003c/a\u003e docs: add security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/b690ba4bd149d20fa6687ee6298fb6aede5b21d7\"\u003e\u003ccode\u003eb690ba4\u003c/code\u003e\u003c/a\u003e docs: fix linux build badge link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/send/compare/0.17.1...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues...\n\n_Description has been truncated_","html_url":"https://github.com/asleekgeek/generative-ai-for-beginners/pull/71","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/asleekgeek%2Fgenerative-ai-for-beginners/issues/71","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/71/packages"},{"uuid":"4285659402","node_id":"PR_kwDOIaVK487Td3BY","number":6,"state":"open","title":"Bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-17T22:30:20.000Z","updated_at":"2026-04-17T22:30:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.18.2","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/marcilio-freitas27/app-vercel-teste/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/marcilio-freitas27/app-vercel-teste/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcilio-freitas27%2Fapp-vercel-teste/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4279556964","node_id":"PR_kwDOMkUSms7TKNDp","number":1,"state":"open","title":"chore(deps): Bump the npm_and_yarn group across 1 directory with 30 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-17T01:34:26.000Z","updated_at":"2026-04-17T01:35:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"npm_and_yarn","update_count":30,"packages":[{"name":"mongoose","old_version":"8.5.3","new_version":"8.9.5","repository_url":"https://github.com/Automattic/mongoose"},{"name":"next","old_version":"14.2.5","new_version":"16.2.4","repository_url":"https://github.com/vercel/next.js"},{"name":"next-auth","old_version":"4.24.7","new_version":"4.24.12","repository_url":"https://github.com/nextauthjs/next-auth"},{"name":"@babel/helpers","old_version":"7.25.0","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"base-x","old_version":"3.0.10","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"base-x","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"glob","old_version":"10.4.5","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"@stablelib/ed25519","old_version":"1.0.3","new_version":"removed","repository_url":"https://github.com/StableLib/stablelib"},{"name":"bn.js","old_version":"5.2.1","new_version":"5.2.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"defu","old_version":"6.1.4","new_version":"6.1.7","repository_url":"https://github.com/unjs/defu"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"h3","old_version":"1.12.0","new_version":"1.15.11","repository_url":"https://github.com/h3js/h3"},{"name":"image-size","old_version":"1.1.1","new_version":"1.2.1","repository_url":"https://github.com/image-size/image-size"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"micromatch","old_version":"4.0.7","new_version":"4.0.8","repository_url":"https://github.com/micromatch/micromatch"},{"name":"nanoid","old_version":"3.3.7","new_version":"3.3.11","repository_url":"https://github.com/ai/nanoid"},{"name":"node-forge","old_version":"1.3.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"send","old_version":"0.18.0","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"socket.io-parser","old_version":"4.2.4","new_version":"4.2.6","repository_url":"https://github.com/socketio/socket.io"},{"name":"tiny-secp256k1","old_version":"1.1.6","new_version":"1.1.7","repository_url":"https://github.com/bitcoinjs/tiny-secp256k1"},{"name":"yaml","old_version":"2.5.0","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 28 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [mongoose](https://github.com/Automattic/mongoose) | `8.5.3` | `8.9.5` |\n| [next](https://github.com/vercel/next.js) | `14.2.5` | `16.2.4` |\n| [next-auth](https://github.com/nextauthjs/next-auth) | `4.24.7` | `4.24.12` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.25.0` | `7.29.2` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.10` | `3.0.11` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `4.0.0` | `4.0.1` |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [@stablelib/ed25519](https://github.com/StableLib/stablelib) | `1.0.3` | `removed` |\n| [bn.js](https://github.com/indutny/bn.js) | `5.2.1` | `5.2.3` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [defu](https://github.com/unjs/defu) | `6.1.4` | `6.1.7` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `4.5.6` |\n| [h3](https://github.com/h3js/h3) | `1.12.0` | `1.15.11` |\n| [image-size](https://github.com/image-size/image-size) | `1.1.1` | `1.2.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.7` | `4.0.8` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.11` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [send](https://github.com/pillarjs/send) | `0.18.0` | `0.19.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `4.2.4` | `4.2.6` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [yaml](https://github.com/eemeli/yaml) | `2.5.0` | `2.8.3` |\n\n\nUpdates `mongoose` from 8.5.3 to 8.9.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/mongoose/releases\"\u003emongoose's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e8.9.5 / 2025-01-13\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: disallow nested $where in populate match\u003c/li\u003e\n\u003cli\u003efix(schema): handle bitwise operators on Int32 \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15176\"\u003e#15176\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15170\"\u003e#15170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.4 / 2025-01-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(document): fix document not applying manual populate when using a function in schema.options.ref \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15138\"\u003e#15138\u003c/a\u003e \u003ca href=\"https://github.com/IchirokuXVI\"\u003eIchirokuXVI\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): make Model.validate() static correctly cast document arrays \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15169\"\u003e#15169\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15164\"\u003e#15164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): allow passing validateBeforeSave option to bulkSave() to skip validation \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15161\"\u003e#15161\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15156\"\u003e#15156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15142\"\u003e#15142\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15120\"\u003e#15120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: avoid BufferToBinary\u0026lt;\u0026gt; wiping lean types when passed to generic functions \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15160\"\u003e#15160\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15158\"\u003e#15158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix \u0026lt;code\u0026gt; in header ids \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15159\"\u003e#15159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix header in field-level-encryption.md \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15137\"\u003e#15137\u003c/a\u003e \u003ca href=\"https://github.com/damieng\"\u003edamieng\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.3 / 2024-12-30\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(schema): make duplicate index error a warning for now to prevent blocking upgrading \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15135\"\u003e#15135\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15112\"\u003e#15112\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15109\"\u003e#15109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): handle document array paths set to non-array values in Model.castObject() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15124\"\u003e#15124\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15075\"\u003e#15075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15131\"\u003e#15131\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15071\"\u003e#15071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): avoid throwing unnecessary error if updateOne() returns null in save() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15126\"\u003e#15126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15136\"\u003e#15136\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/10449\"\u003e#10449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: make BufferToBinary avoid Document instances \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15123\"\u003e#15123\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15122\"\u003e#15122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(model+query): avoid stripping out virtuals when calling populate with paths generic \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15132\"\u003e#15132\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15111\"\u003e#15111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(schema): add missing removeIndex \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15134\"\u003e#15134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add cleanIndexes() to IndexManager interface \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15127\"\u003e#15127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: move search endpoint to netlify \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15119\"\u003e#15119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.2 / 2024-12-19\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15112\"\u003e#15112\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15109\"\u003e#15109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(map): clean modified subpaths when overwriting values in map of subdocs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15114\"\u003e#15114\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15108\"\u003e#15108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(aggregate): pull session from transaction local storage for aggregation cursors \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15094\"\u003e#15094\u003c/a\u003e \u003ca href=\"https://github.com/IchirokuXVI\"\u003eIchirokuXVI\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: correctly handle union types in BufferToBinary and related helpers \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15103\"\u003e#15103\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15102\"\u003e#15102\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15057\"\u003e#15057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add UUID to RefType \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15115\"\u003e#15115\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15101\"\u003e#15101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: remove link to Mongoose 5.x docs from dropdown \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15116\"\u003e#15116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15113\"\u003e#15113\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15107\"\u003e#15107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.1 / 2024-12-16\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(connection): remove heartbeat check in load balanced mode \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15089\"\u003e#15089\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15042\"\u003e#15042\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/14812\"\u003e#14812\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15099\"\u003e#15099\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15088\"\u003e#15088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15092\"\u003e#15092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): handle discriminators in castObject() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15096\"\u003e#15096\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15075\"\u003e#15075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(schema): throw error if duplicate index definition using unique in schema path and subsequent .index() call \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15093\"\u003e#15093\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15056\"\u003e#15056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: mark documents that are populated using hydratedPopulatedDocs option as populated in top-level doc \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15080\"\u003e#15080\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15048\"\u003e#15048\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(document+schema): improve error message for get() on invalid path \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15098\"\u003e#15098\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15071\"\u003e#15071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: remove more callback doc references \u0026amp; some small other changes \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15095\"\u003e#15095\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.0 / 2024-12-13\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md\"\u003emongoose's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e8.9.5 / 2025-01-13\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: disallow nested $where in populate match CVE-2025-23061\u003c/li\u003e\n\u003cli\u003efix(schema): handle bitwise operators on Int32 \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15176\"\u003e#15176\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15170\"\u003e#15170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e7.8.4 / 2025-01-13\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: disallow nested $where in populate match CVE-2025-23061\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e6.13.6 / 2025-01-13\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: disallow nested $where in populate match CVE-2025-23061\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.4 / 2025-01-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(document): fix document not applying manual populate when using a function in schema.options.ref \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15138\"\u003e#15138\u003c/a\u003e \u003ca href=\"https://github.com/IchirokuXVI\"\u003eIchirokuXVI\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): make Model.validate() static correctly cast document arrays \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15169\"\u003e#15169\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15164\"\u003e#15164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): allow passing validateBeforeSave option to bulkSave() to skip validation \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15161\"\u003e#15161\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15156\"\u003e#15156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15142\"\u003e#15142\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15120\"\u003e#15120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: avoid BufferToBinary\u0026lt;\u0026gt; wiping lean types when passed to generic functions \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15160\"\u003e#15160\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15158\"\u003e#15158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix \u003ccode\u003e\u0026lt;code\u0026gt;\u003c/code\u003e in header ids \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15159\"\u003e#15159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix header in field-level-encryption.md \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15137\"\u003e#15137\u003c/a\u003e \u003ca href=\"https://github.com/damieng\"\u003edamieng\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.3 / 2024-12-30\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(schema): make duplicate index error a warning for now to prevent blocking upgrading \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15135\"\u003e#15135\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15112\"\u003e#15112\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15109\"\u003e#15109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): handle document array paths set to non-array values in Model.castObject() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15124\"\u003e#15124\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15075\"\u003e#15075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15131\"\u003e#15131\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15071\"\u003e#15071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): avoid throwing unnecessary error if updateOne() returns null in save() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15126\"\u003e#15126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15136\"\u003e#15136\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/10449\"\u003e#10449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: make BufferToBinary avoid Document instances \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15123\"\u003e#15123\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15122\"\u003e#15122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(model+query): avoid stripping out virtuals when calling populate with paths generic \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15132\"\u003e#15132\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15111\"\u003e#15111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(schema): add missing removeIndex \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15134\"\u003e#15134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add cleanIndexes() to IndexManager interface \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15127\"\u003e#15127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: move search endpoint to netlify \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15119\"\u003e#15119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.2 / 2024-12-19\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15112\"\u003e#15112\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15109\"\u003e#15109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(map): clean modified subpaths when overwriting values in map of subdocs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15114\"\u003e#15114\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15108\"\u003e#15108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(aggregate): pull session from transaction local storage for aggregation cursors \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15094\"\u003e#15094\u003c/a\u003e \u003ca href=\"https://github.com/IchirokuXVI\"\u003eIchirokuXVI\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: correctly handle union types in BufferToBinary and related helpers \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15103\"\u003e#15103\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15102\"\u003e#15102\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15057\"\u003e#15057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add UUID to RefType \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15115\"\u003e#15115\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15101\"\u003e#15101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: remove link to Mongoose 5.x docs from dropdown \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15116\"\u003e#15116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15113\"\u003e#15113\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15107\"\u003e#15107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.1 / 2024-12-16\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(connection): remove heartbeat check in load balanced mode \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15089\"\u003e#15089\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15042\"\u003e#15042\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/14812\"\u003e#14812\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15099\"\u003e#15099\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15088\"\u003e#15088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15092\"\u003e#15092\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/5af0a109fcf206eb765c02e0fffe54a78ab95174\"\u003e\u003ccode\u003e5af0a10\u003c/code\u003e\u003c/a\u003e chore: release 8.9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/a42d8f5e3b8a6c2abd7d32c15b0cc5edac928d4e\"\u003e\u003ccode\u003ea42d8f5\u003c/code\u003e\u003c/a\u003e Merge branch '7.x'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/73e81abe3ec012f8255d3ca9978594075378faf4\"\u003e\u003ccode\u003e73e81ab\u003c/code\u003e\u003c/a\u003e chore: release 7.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/4fe9a904e3c2184ce6d01d9c3c8f3b239616f155\"\u003e\u003ccode\u003e4fe9a90\u003c/code\u003e\u003c/a\u003e Merge branch '6.x' into 7.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/e59e342e5d01bfeee31c5d5c796745315ecf0fa9\"\u003e\u003ccode\u003ee59e342\u003c/code\u003e\u003c/a\u003e chore: release 6.13.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/64a9f9706f2428c49e0cfb8e223065acc645f7bc\"\u003e\u003ccode\u003e64a9f97\u003c/code\u003e\u003c/a\u003e fix: disallow nested $where in populate match\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/fa33717db8c6ee2331c68241abff7a81b84a70fb\"\u003e\u003ccode\u003efa33717\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15176\"\u003e#15176\u003c/a\u003e from Automattic/vkarpov15/\u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15170\"\u003egh-15170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/072860237a2b8d968e06d4090a24127de8cdff24\"\u003e\u003ccode\u003e0728602\u003c/code\u003e\u003c/a\u003e test: make test cast non-boolean value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/0cad0d71a8667295c6abd4636ea7d7b5cdc164e8\"\u003e\u003ccode\u003e0cad0d7\u003c/code\u003e\u003c/a\u003e fix(schema): handle bitwise operators on Int32\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/39886fbb57aaf345d01c0294cf2c3d2781898c29\"\u003e\u003ccode\u003e39886fb\u003c/code\u003e\u003c/a\u003e docs: quick changelog formatting fix\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Automattic/mongoose/compare/8.5.3...8.9.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.5 to 16.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.4\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92713\"\u003e#92713\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: fix filesystem watcher config not applying follow_symlinks(false) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92631\"\u003e#92631\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eScope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92580\"\u003e#92580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCompiler: Support boolean and number primtives in next.config defines (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92731\"\u003e#92731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturbo-tasks: Fix recomputation loop by allowing cell cleanup on error during recomputation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92725\"\u003e#92725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: shorter error for ChunkGroupInfo::get_index_of (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92814\"\u003e#92814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: shorter error message for ModuleBatchesGraph::get_entry_index (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92828\"\u003e#92828\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdding more system info to the 'initialize project' trace (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92427\"\u003e#92427\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/Badbird5907\"\u003e\u003ccode\u003e@​Badbird5907\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukesandberg\"\u003e\u003ccode\u003e@​lukesandberg\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/andrewimm\"\u003e\u003ccode\u003e@​andrewimm\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sokra\"\u003e\u003ccode\u003e@​sokra\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/mischnic\"\u003e\u003ccode\u003e@​mischnic\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev16.2.3\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e. The release does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure app-page reports stale ISR revalidation errors via onRequestError (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92282\"\u003e#92282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91981\"\u003e#91981\u003c/a\u003e through \u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92273\"\u003e#92273\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDeduplicate output assets and detect content conflicts on emit (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92292\"\u003e#92292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix styled-jsx race condition: styles lost due to concurrent rendering (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92459\"\u003e#92459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturbo-tasks-backend: stability fixes for task cancellation and error handling (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92254\"\u003e#92254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/icyJoseph\"\u003e\u003ccode\u003e@​icyJoseph\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sokra\"\u003e\u003ccode\u003e@​sokra\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/wbinnssmith\"\u003e\u003ccode\u003e@​wbinnssmith\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev16.2.2\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport: Move expanded adapters docs to API reference (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92115\"\u003e#92115\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92129\"\u003e#92129\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: TypeScript v6 deprecations for baseUrl and moduleResolution (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92130\"\u003e#92130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[create-next-app] Skip interactive prompts when CLI flags are provided (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91840\"\u003e#91840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enext.config.js: Accept an option for serverFastRefresh (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91968\"\u003e#91968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: enable server HMR for app route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91466\"\u003e#91466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: exclude metadata routes from server HMR (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92034\"\u003e#92034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix CI for glibc linux builds\u003c/li\u003e\n\u003cli\u003eBackport: disable bmi2 in qfilter \u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92177\"\u003e#92177\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[backport] Fix CSS HMR on Safari (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92174\"\u003e#92174\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2275bd8598c88e8652d1271e74bcf972f72f4f38\"\u003e\u003ccode\u003e2275bd8\u003c/code\u003e\u003c/a\u003e v16.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e07398321a37115626b0271697e51418db109cad\"\u003e\u003ccode\u003ee073983\u003c/code\u003e\u003c/a\u003e Adding more system info to the 'initialize project' trace (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92427\"\u003e#92427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8a540b58b683bb79667d6e908d45df0e9e9c9f9c\"\u003e\u003ccode\u003e8a540b5\u003c/code\u003e\u003c/a\u003e Turbopack: shorter error message for ModuleBatchesGraph::get_entry_index (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2f5343fafb2052c59cf62018252b75da3e7d424a\"\u003e\u003ccode\u003e2f5343f\u003c/code\u003e\u003c/a\u003e Turbopack: shorter error for ChunkGroupInfo::get_index_of (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92814\"\u003e#92814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2ad9d3fb58801adb7df87873fc299a4e9a5ab199\"\u003e\u003ccode\u003e2ad9d3f\u003c/code\u003e\u003c/a\u003e turbo-tasks: Fix recomputation loop by allowing cell cleanup on error during ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/6f3808e2043d168d4fb6fa3f9184e755076a16b0\"\u003e\u003ccode\u003e6f3808e\u003c/code\u003e\u003c/a\u003e Compiler: Support boolean and number primtives in next.config defines (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92731\"\u003e#92731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fbc7684ecbd360da8af602e50780637fc79354d5\"\u003e\u003ccode\u003efbc7684\u003c/code\u003e\u003c/a\u003e Scope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92580\"\u003e#92580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/805d758d935beb0abbc70639c6af0fc9d839273b\"\u003e\u003ccode\u003e805d758\u003c/code\u003e\u003c/a\u003e Turbopack: fix filesystem watcher config not applying follow_symlinks(false) ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/1056fae3565d88719ef41f5b05447ace75e26d7e\"\u003e\u003ccode\u003e1056fae\u003c/code\u003e\u003c/a\u003e chore: Bump reqwest to 0.13.2 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92713\"\u003e#92713\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d5f649b2f4affdad1009cb178c1e3b37f4f1ad3f\"\u003e\u003ccode\u003ed5f649b\u003c/code\u003e\u003c/a\u003e v16.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.5...v16.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next-auth` from 4.24.7 to 4.24.12\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/1f48cf7cbbc43517174cb47b4eb5dd402025c8b7\"\u003e\u003ccode\u003e1f48cf7\u003c/code\u003e\u003c/a\u003e chore(release): bump version [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/4758a2f1ff185c9759df0c558b03fe931920d0a5\"\u003e\u003ccode\u003e4758a2f\u003c/code\u003e\u003c/a\u003e ci: add \u003ccode\u003eworkflow_dispatch\u003c/code\u003e for release.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/d3aecfe1f150434e1cfff21c291277137266827a\"\u003e\u003ccode\u003ed3aecfe\u003c/code\u003e\u003c/a\u003e feat: add next 16 support (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13303\"\u003e#13303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/82efcf81f218aae43683f8dd2f7c260ef69b3ece\"\u003e\u003ccode\u003e82efcf8\u003c/code\u003e\u003c/a\u003e fix: security issue from \u003ccode\u003enodemailer\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13304\"\u003e#13304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/798c3d59274cddc5ad22d4a68c211736f0deb191\"\u003e\u003ccode\u003e798c3d5\u003c/code\u003e\u003c/a\u003e docs: update banner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/02d3480f8d8405af52eaa0cdc2f8f75bb7e8b4e8\"\u003e\u003ccode\u003e02d3480\u003c/code\u003e\u003c/a\u003e chore: remove clerk ads\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/7f88fa0ba97e7aab43c931dfe674e51748723da3\"\u003e\u003ccode\u003e7f88fa0\u003c/code\u003e\u003c/a\u003e chore: remove sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/46e01af41fc028f22322f225f4f03c0dce069035\"\u003e\u003ccode\u003e46e01af\u003c/code\u003e\u003c/a\u003e chore(docs): update credentials.md app router route.js filename (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13025\"\u003e#13025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/11939f2f70495c0408d0187dbfa0741fdd5916e6\"\u003e\u003ccode\u003e11939f2\u003c/code\u003e\u003c/a\u003e feat(core): add default cache control headers for GET endpoints (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/12627\"\u003e#12627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/918a6ac37beb766402940db64584df407668bbea\"\u003e\u003ccode\u003e918a6ac\u003c/code\u003e\u003c/a\u003e docs: Update FAQ with \u003ccode\u003eallowDangerousEmailAccountLinking\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/12586\"\u003e#12586\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nextauthjs/next-auth/compare/next-auth@4.24.7...next-auth@4.24.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~himself_65\"\u003ehimself_65\u003c/a\u003e, a new releaser for next-auth since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.25.0 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/helpers\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.10 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 4.0.0 to 4.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@stablelib/ed25519`\n\nUpdates `bn.js` from 5.2.1 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2 / 2025-04-25\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6db7c3818569423b94ebcf2bdff90fcfb9c47f6d\"\u003e\u003ccode\u003e6db7c38\u003c/code\u003e\u003c/a\u003e 5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c7e1a532566c83fd0297ff7669c227b824928bf4\"\u003e\u003ccode\u003ec7e1a53\u003c/code\u003e\u003c/a\u003e Fix imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/4cc0bfa5195d54876a6b807827e582522c813019\"\u003e\u003ccode\u003e4cc0bfa\u003c/code\u003e\u003c/a\u003e docs: mention the max plain JS number argument value (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/5df40f81ea8afb835b909bb7c21e0833cdeb6a30\"\u003e\u003ccode\u003e5df40f8\u003c/code\u003e\u003c/a\u003e Document \u003ccode\u003elength\u003c/code\u003e unit in \u003ccode\u003etoBuffer(...)\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.1...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2 / 2025-04-25\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6db7c3818569423b94ebcf2bdff90fcfb9c47f6d\"\u003e\u003ccode\u003e6db7c38\u003c/code\u003e\u003c/a\u003e 5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c7e1a532566c83fd0297ff7669c227b824928bf4\"\u003e\u003ccode\u003ec7e1a53\u003c/code\u003e\u003c/a\u003e Fix imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/4cc0bfa5195d54876a6b807827e582522c813019\"\u003e\u003ccode\u003e4cc0bfa\u003c/code\u003e\u003c/a\u003e docs: mention the max plain JS number argument value (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/5df40f81ea8afb835b909bb7c21e0833cdeb6a30\"\u003e\u003ccode\u003e5df40f8\u003c/code\u003e\u003c/a\u003e Document \u003ccode\u003elength\u003c/code\u003e unit in \u003ccode\u003etoBuffer(...)\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.1...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.5.0 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.5.0...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `defu` from 6.1.4 to 6.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unjs/defu/releases\"\u003edefu's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.6...v6.1.7\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExport Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eJakub Michálek (\u003ca href=\"https://github.com/J-Michalek\"\u003e\u003ccode\u003e@​J-Michalek\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.6\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.5...v6.1.6\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mixed types (\u003ca href=\"https://github.com/unjs/defu/commit/407b516\"\u003e407b516\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.5\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.4...v6.1.5\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent prototype pollution via \u003ccode\u003e__proto__\u003c/code\u003e in defaults (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore inherited enumerable properties (\u003ca href=\"https://github.com/unjs/defu/commit/11ba022\"\u003e11ba022\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e✅ Tests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more tests for plain objects (\u003ca href=\"https://github.com/unjs/defu/commit/b65f603\"\u003eb65f603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePooya Parsa (\u003ca href=\"https://github.com/pi0\"\u003e\u003ccode\u003e@​pi0\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unjs/defu/blob/main/CHANGELOG.md\"\u003edefu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.6...v6.1.7\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edefu.d.cts:\u003c/strong\u003e Export Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eJakub Michálek (\u003ca href=\"https://github.com/J-Michalek\"\u003e\u003ccode\u003e@​J-Michalek\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.6\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.5...v6.1.6\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mixed types (\u003ca href=\"https://github.com/unjs/defu/commit/407b516\"\u003e407b516\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePooya Parsa (\u003ca href=\"https://github.com/pi0\"\u003e\u003ccode\u003e@​pi0\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.5\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.4...v6.1.5\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent prototype pollution via \u003ccode\u003e__proto__\u003c/code\u003e in defaults (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore inherited enumerable properties (\u003ca href=\"https://github.com/unjs/defu/commit/11ba022\"\u003e11ba022\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🏡 Chore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tea.yaml (\u003ca href=\"https://github.com/unjs/defu/commit/70cffe5\"\u003e70cffe5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate repo (\u003ca href=\"https://github.com/unjs/defu/commit/23cc432\"\u003e23cc432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix typecheck (\u003ca href=\"https://github.com/unjs/defu/commit/89df6bb\"\u003e89df6bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e✅ Tests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more tests for plain objects (\u003ca href=\"https://github.com/unjs/defu/commit/b65f603\"\u003eb65f603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🤖 CI\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/80c0146afb11ebd86183a579ec469f3abd976695\"\u003e\u003ccode\u003e80c0146\u003c/code\u003e\u003c/a\u003e chore(release): v6.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/40d7ef42d30db975bf80c340e7856c1ad3568321\"\u003e\u003ccode\u003e40d7ef4\u003c/code\u003e\u003c/a\u003e fix(defu.d.cts): export Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/3d3a7c89ca78f3fa43ec7194b12e44e4b0568697\"\u003e\u003ccode\u003e3d3a7c8\u003c/code\u003e\u003c/a\u003e build: correct the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/001c2906010eb65c1bb13ccd1f4abea09e10405b\"\u003e\u003ccode\u003e001c290\u003c/code\u003e\u003c/a\u003e chore(release): v6.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/407b51645c41a57da6efac5b40967f2c60ce4f12\"\u003e\u003ccode\u003e407b516\u003c/code\u003e\u003c/a\u003e build: fix mixed types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/23e59e684cb6a432aad13f308d142247e31b6315\"\u003e\u003ccode\u003e23e59e6\u003c/code\u003e\u003c/a\u003e chore(release): v6.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/11ba02213d4b1c6b02dd686041f75edc479c98e9\"\u003e\u003ccode\u003e11ba022\u003c/code\u003e\u003c/a\u003e fix: ignore inherited enumerable properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/3942bfbbcaa72084bd4284846c83bd61ed7c8b29\"\u003e\u003ccode\u003e3942bfb\u003c/code\u003e\u003c/a\u003e fix: prevent prototype pollution via \u003ccode\u003e__proto__\u003c/code\u003e in defaults (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/d3ef16dabe861713192ba8679c5db8e0ac143f9b\"\u003e\u003ccode\u003ed3ef16d\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/checkout action to v6 (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/869a053effb7b1bf49a1635e1bb211840daa589e\"\u003e\u003ccode\u003e869a053\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/unjs/defu/compare/v6.1.4...v6.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.4.1 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/b1b9f633ff30cb4708337355c2789f08bc0558d2\"\u003e\u003ccode\u003eb1b9f63\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/faccca126e1db96b90084ad...\n\n_Description has been truncated_","html_url":"https://github.com/LoLoSenPai/roro-website/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LoLoSenPai%2Froro-website/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4271510003","node_id":"PR_kwDOG8TLTs7SxFuN","number":1121,"state":"closed","title":"Bump the npm group across 1 directory with 37 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-17T20:25:57.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-15T20:29:38.000Z","updated_at":"2026-04-17T20:25:59.000Z","time_to_close":172579,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm","update_count":37,"packages":[{"name":"@patternfly/react-code-editor","old_version":"6.4.0","new_version":"6.4.1","repository_url":"https://github.com/patternfly/patternfly-react"},{"name":"@patternfly/react-table","old_version":"6.4.0","new_version":"6.4.1","repository_url":"https://github.com/patternfly/patternfly-react"},{"name":"body-parser","old_version":"2.2.0","new_version":"2.2.2","repository_url":"https://github.com/expressjs/body-parser"},{"name":"cytoscape","old_version":"3.33.1","new_version":"3.33.2","repository_url":"https://github.com/cytoscape/cytoscape.js"},{"name":"express","old_version":"5.1.0","new_version":"5.2.1","repository_url":"https://github.com/expressjs/express"},{"name":"graphql","old_version":"16.11.0","new_version":"16.13.2","repository_url":"https://github.com/graphql/graphql-js"},{"name":"react","old_version":"19.2.0","new_version":"19.2.5","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.0","new_version":"19.2.5","repository_url":"https://github.com/facebook/react"},{"name":"send","old_version":"1.2.0","new_version":"1.2.1","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"2.2.0","new_version":"2.2.1","repository_url":"https://github.com/expressjs/serve-static"},{"name":"universal-cookie","old_version":"8.0.1","new_version":"8.1.0","repository_url":"https://github.com/ItsBenCodes/cookies"},{"name":"urql","old_version":"5.0.1","new_version":"5.0.2","repository_url":"https://github.com/urql-graphql/urql"},{"name":"@eslint/config-array","old_version":"0.21.1","new_version":"0.23.5","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/object-schema","old_version":"2.1.7","new_version":"3.0.5","repository_url":"https://github.com/eslint/rewrite"},{"name":"@typescript-eslint/eslint-plugin","old_version":"8.46.2","new_version":"8.58.2","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/parser","old_version":"8.46.2","new_version":"8.58.2","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"copy-webpack-plugin","old_version":"13.0.1","new_version":"14.0.0","repository_url":"https://github.com/webpack/copy-webpack-plugin"},{"name":"css-loader","old_version":"7.1.2","new_version":"7.1.4","repository_url":"https://github.com/webpack/css-loader"},{"name":"css-minimizer-webpack-plugin","old_version":"7.0.2","new_version":"8.0.0","repository_url":"https://github.com/webpack/css-minimizer-webpack-plugin"},{"name":"dotenv-webpack","old_version":"8.1.1","new_version":"9.0.0","repository_url":"https://github.com/mrsteele/dotenv-webpack"},{"name":"esbuild-loader","old_version":"4.4.0","new_version":"4.4.3","repository_url":"https://github.com/privatenumber/esbuild-loader"},{"name":"eslint","old_version":"9.38.0","new_version":"9.39.4","repository_url":"https://github.com/eslint/eslint"},{"name":"html-webpack-plugin","old_version":"5.6.4","new_version":"5.6.6","repository_url":"https://github.com/jantimon/html-webpack-plugin"},{"name":"mini-css-extract-plugin","old_version":"2.9.4","new_version":"2.10.2","repository_url":"https://github.com/webpack/mini-css-extract-plugin"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"prettier","old_version":"3.6.2","new_version":"3.8.3","repository_url":"https://github.com/prettier/prettier"},{"name":"react-router-dom","old_version":"7.9.5","new_version":"7.14.1","repository_url":"https://github.com/remix-run/react-router"},{"name":"rimraf","old_version":"6.0.1","new_version":"6.1.3","repository_url":"https://github.com/isaacs/rimraf"},{"name":"terser-webpack-plugin","old_version":"5.3.14","new_version":"5.4.0","repository_url":"https://github.com/webpack/terser-webpack-plugin"},{"name":"ts-loader","old_version":"9.5.4","new_version":"9.5.7","repository_url":"https://github.com/TypeStrong/ts-loader"},{"name":"typescript","old_version":"5.9.3","new_version":"6.0.2","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"typescript-eslint","old_version":"8.46.2","new_version":"8.58.2","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"webpack","old_version":"5.102.1","new_version":"5.106.2","repository_url":"https://github.com/webpack/webpack"},{"name":"webpack-cli","old_version":"6.0.1","new_version":"7.0.2","repository_url":"https://github.com/webpack/webpack-cli"},{"name":"webpack-dev-server","old_version":"5.2.2","new_version":"5.2.3","repository_url":"https://github.com/webpack/webpack-dev-server"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm group with 36 updates in the /ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@patternfly/react-code-editor](https://github.com/patternfly/patternfly-react) | `6.4.0` | `6.4.1` |\n| [@patternfly/react-table](https://github.com/patternfly/patternfly-react) | `6.4.0` | `6.4.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `2.2.0` | `2.2.2` |\n| [cytoscape](https://github.com/cytoscape/cytoscape.js) | `3.33.1` | `3.33.2` |\n| [express](https://github.com/expressjs/express) | `5.1.0` | `5.2.1` |\n| [graphql](https://github.com/graphql/graphql-js) | `16.11.0` | `16.13.2` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.0` | `19.2.5` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.0` | `19.2.5` |\n| [send](https://github.com/pillarjs/send) | `1.2.0` | `1.2.1` |\n| [serve-static](https://github.com/expressjs/serve-static) | `2.2.0` | `2.2.1` |\n| [universal-cookie](https://github.com/ItsBenCodes/cookies) | `8.0.1` | `8.1.0` |\n| [urql](https://github.com/urql-graphql/urql/tree/HEAD/packages/react-urql) | `5.0.1` | `5.0.2` |\n| [@eslint/config-array](https://github.com/eslint/rewrite/tree/HEAD/packages/config-array) | `0.21.1` | `0.23.5` |\n| [@eslint/object-schema](https://github.com/eslint/rewrite/tree/HEAD/packages/object-schema) | `2.1.7` | `3.0.5` |\n| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.46.2` | `8.58.2` |\n| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.46.2` | `8.58.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [copy-webpack-plugin](https://github.com/webpack/copy-webpack-plugin) | `13.0.1` | `14.0.0` |\n| [css-loader](https://github.com/webpack/css-loader) | `7.1.2` | `7.1.4` |\n| [css-minimizer-webpack-plugin](https://github.com/webpack/css-minimizer-webpack-plugin) | `7.0.2` | `8.0.0` |\n| [dotenv-webpack](https://github.com/mrsteele/dotenv-webpack) | `8.1.1` | `9.0.0` |\n| [esbuild-loader](https://github.com/privatenumber/esbuild-loader) | `4.4.0` | `4.4.3` |\n| [eslint](https://github.com/eslint/eslint) | `9.38.0` | `9.39.4` |\n| [html-webpack-plugin](https://github.com/jantimon/html-webpack-plugin) | `5.6.4` | `5.6.6` |\n| [mini-css-extract-plugin](https://github.com/webpack/mini-css-extract-plugin) | `2.9.4` | `2.10.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.10` |\n| [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.8.3` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.9.5` | `7.14.1` |\n| [rimraf](https://github.com/isaacs/rimraf) | `6.0.1` | `6.1.3` |\n| [terser-webpack-plugin](https://github.com/webpack/terser-webpack-plugin) | `5.3.14` | `5.4.0` |\n| [ts-loader](https://github.com/TypeStrong/ts-loader) | `9.5.4` | `9.5.7` |\n| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.2` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.46.2` | `8.58.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.102.1` | `5.106.2` |\n| [webpack-cli](https://github.com/webpack/webpack-cli) | `6.0.1` | `7.0.2` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `5.2.2` | `5.2.3` |\n\n\nUpdates `@patternfly/react-code-editor` from 6.4.0 to 6.4.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/476782a298df81cb78de7f3cd804f3ff8f33993c\"\u003e\u003ccode\u003e476782a\u003c/code\u003e\u003c/a\u003e chore(release): releasing packages [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/008ef37edcaa6d92ead6ff160998a4447716e464\"\u003e\u003ccode\u003e008ef37\u003c/code\u003e\u003c/a\u003e publish patch release 6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3588999bebdf046abd8f8082581fd900d03115e0\"\u003e\u003ccode\u003e3588999\u003c/code\u003e\u003c/a\u003e fixed block branch for 6.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/667675855ef088deab2192a0a6f54a33f19231dc\"\u003e\u003ccode\u003e6676758\u003c/code\u003e\u003c/a\u003e fixed invalid yaml file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/79ea3078afc6db796533e0c576bc164aca765aaf\"\u003e\u003ccode\u003e79ea307\u003c/code\u003e\u003c/a\u003e chore: update to release build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/2f93022baa769bcfc92a09f1bf9470e50dc64f2e\"\u003e\u003ccode\u003e2f93022\u003c/code\u003e\u003c/a\u003e chore: cherry picked security updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/4287fec474bfa2dcb898aa21f1aa005966cfe094\"\u003e\u003ccode\u003e4287fec\u003c/code\u003e\u003c/a\u003e fix(CodeEditor): prevent focus loss (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12211\"\u003e#12211\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12212\"\u003e#12212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3945ce7b6b3dc1ba68fab9f5df92251101111d4e\"\u003e\u003ccode\u003e3945ce7\u003c/code\u003e\u003c/a\u003e chore: updated to patch release dry run in release.sh\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/900686dbfda5ab47731e64e3be1fcd2eeedee358\"\u003e\u003ccode\u003e900686d\u003c/code\u003e\u003c/a\u003e fix(Wizard): Fix crash in nav when first sub-step is hidden (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12166\"\u003e#12166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patternfly/patternfly-react/compare/@patternfly/react-code-editor@6.4.0...@patternfly/react-code-editor@6.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ausuliv\"\u003eausuliv\u003c/a\u003e, a new releaser for \u003ccode\u003e@​patternfly/react-code-editor\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@patternfly/react-core` from 6.4.0 to 6.4.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/476782a298df81cb78de7f3cd804f3ff8f33993c\"\u003e\u003ccode\u003e476782a\u003c/code\u003e\u003c/a\u003e chore(release): releasing packages [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/008ef37edcaa6d92ead6ff160998a4447716e464\"\u003e\u003ccode\u003e008ef37\u003c/code\u003e\u003c/a\u003e publish patch release 6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3588999bebdf046abd8f8082581fd900d03115e0\"\u003e\u003ccode\u003e3588999\u003c/code\u003e\u003c/a\u003e fixed block branch for 6.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/667675855ef088deab2192a0a6f54a33f19231dc\"\u003e\u003ccode\u003e6676758\u003c/code\u003e\u003c/a\u003e fixed invalid yaml file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/79ea3078afc6db796533e0c576bc164aca765aaf\"\u003e\u003ccode\u003e79ea307\u003c/code\u003e\u003c/a\u003e chore: update to release build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/2f93022baa769bcfc92a09f1bf9470e50dc64f2e\"\u003e\u003ccode\u003e2f93022\u003c/code\u003e\u003c/a\u003e chore: cherry picked security updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/4287fec474bfa2dcb898aa21f1aa005966cfe094\"\u003e\u003ccode\u003e4287fec\u003c/code\u003e\u003c/a\u003e fix(CodeEditor): prevent focus loss (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12211\"\u003e#12211\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12212\"\u003e#12212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3945ce7b6b3dc1ba68fab9f5df92251101111d4e\"\u003e\u003ccode\u003e3945ce7\u003c/code\u003e\u003c/a\u003e chore: updated to patch release dry run in release.sh\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/900686dbfda5ab47731e64e3be1fcd2eeedee358\"\u003e\u003ccode\u003e900686d\u003c/code\u003e\u003c/a\u003e fix(Wizard): Fix crash in nav when first sub-step is hidden (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12166\"\u003e#12166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patternfly/patternfly-react/compare/@patternfly/react-core@6.4.0...@patternfly/react-core@6.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ausuliv\"\u003eausuliv\u003c/a\u003e, a new releaser for \u003ccode\u003e@​patternfly/react-core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@patternfly/react-table` from 6.4.0 to 6.4.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/476782a298df81cb78de7f3cd804f3ff8f33993c\"\u003e\u003ccode\u003e476782a\u003c/code\u003e\u003c/a\u003e chore(release): releasing packages [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/008ef37edcaa6d92ead6ff160998a4447716e464\"\u003e\u003ccode\u003e008ef37\u003c/code\u003e\u003c/a\u003e publish patch release 6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3588999bebdf046abd8f8082581fd900d03115e0\"\u003e\u003ccode\u003e3588999\u003c/code\u003e\u003c/a\u003e fixed block branch for 6.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/667675855ef088deab2192a0a6f54a33f19231dc\"\u003e\u003ccode\u003e6676758\u003c/code\u003e\u003c/a\u003e fixed invalid yaml file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/79ea3078afc6db796533e0c576bc164aca765aaf\"\u003e\u003ccode\u003e79ea307\u003c/code\u003e\u003c/a\u003e chore: update to release build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/2f93022baa769bcfc92a09f1bf9470e50dc64f2e\"\u003e\u003ccode\u003e2f93022\u003c/code\u003e\u003c/a\u003e chore: cherry picked security updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/4287fec474bfa2dcb898aa21f1aa005966cfe094\"\u003e\u003ccode\u003e4287fec\u003c/code\u003e\u003c/a\u003e fix(CodeEditor): prevent focus loss (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12211\"\u003e#12211\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12212\"\u003e#12212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3945ce7b6b3dc1ba68fab9f5df92251101111d4e\"\u003e\u003ccode\u003e3945ce7\u003c/code\u003e\u003c/a\u003e chore: updated to patch release dry run in release.sh\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/900686dbfda5ab47731e64e3be1fcd2eeedee358\"\u003e\u003ccode\u003e900686d\u003c/code\u003e\u003c/a\u003e fix(Wizard): Fix crash in nav when first sub-step is hidden (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12166\"\u003e#12166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patternfly/patternfly-react/compare/@patternfly/react-table@6.4.0...@patternfly/react-table@6.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cytoscape` from 3.33.1 to 3.33.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cytoscape/cytoscape.js/releases\"\u003ecytoscape's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.33.2\u003c/h2\u003e\n\u003cp\u003eRelease version v3.33.2\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/5e4655726466721a344413665b7be4f133fe3aa4\"\u003e\u003ccode\u003e5e46557\u003c/code\u003e\u003c/a\u003e 3.33.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/d790c9eb6407bac9ed187f7633280af9e0b5db79\"\u003e\u003ccode\u003ed790c9e\u003c/code\u003e\u003c/a\u003e Build 3.33.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/2e50aca0baa6841a61741e60318612d452aea2df\"\u003e\u003ccode\u003e2e50aca\u003c/code\u003e\u003c/a\u003e Docs: Add 3.33.2 to versions.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/9e7841e398f001ab4e13083b4b14b35c0e46fccd\"\u003e\u003ccode\u003e9e7841e\u003c/code\u003e\u003c/a\u003e Merge branch 'unstable' into 'master'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/31e2cfdd66bbdcae164cac7b2c6e81fa8e0f6336\"\u003e\u003ccode\u003e31e2cfd\u003c/code\u003e\u003c/a\u003e Merge branch 'fix/polygon-miter-bounds' into unstable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/34ecc6381391369103656ffa057538b7c50c23bb\"\u003e\u003ccode\u003e34ecc63\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cytoscape/cytoscape.js/issues/3432\"\u003e#3432\u003c/a\u003e from LeeBhin/fix/polygon-miter-bounds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/816e98077a6447f491efec81b22cab19e5a56f25\"\u003e\u003ccode\u003e816e980\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cytoscape/cytoscape.js/issues/3433\"\u003e#3433\u003c/a\u003e from jmg421/docs/fix-es5-esm-description\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/37bf20a773d10ce7bc8d13ed75f017ecc9cb5bcd\"\u003e\u003ccode\u003e37bf20a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cytoscape/cytoscape.js/issues/3435\"\u003e#3435\u003c/a\u003e from jmg421/docs/fix-readme-build-targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/a3bd0ff01382fe1ac2ede7b283030f522dd2a45f\"\u003e\u003ccode\u003ea3bd0ff\u003c/code\u003e\u003c/a\u003e Move polygon bounds tests from Mocha to Playwright suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/9a33f6a26eaac41f4b1489efe7723ac13d0aaae9\"\u003e\u003ccode\u003e9a33f6a\u003c/code\u003e\u003c/a\u003e docs: fix build target list in README (umd listed twice, missing cjs)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cytoscape/cytoscape.js/compare/v3.33.1...v3.33.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mikekucera\"\u003emikekucera\u003c/a\u003e, a new releaser for cytoscape since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 5.1.0 to 5.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 5.2.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6933\"\u003eexpressjs/express#6933\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v5.2.0...v5.2.1\"\u003ehttps://github.com/expressjs/express/compare/v5.2.0...v5.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6429\"\u003eexpressjs/express#6429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor: simplify \u003ccode\u003eacceptsLanguages\u003c/code\u003e implementation using spread operator by \u003ca href=\"https://github.com/Ayoub-Mabrouk\"\u003e\u003ccode\u003e@​Ayoub-Mabrouk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6137\"\u003eexpressjs/express#6137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eincreased code coverage of utils.js file by \u003ca href=\"https://github.com/ashish3011\"\u003e\u003ccode\u003e@​ashish3011\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6386\"\u003eexpressjs/express#6386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove duplicate word by \u003ca href=\"https://github.com/dufucun\"\u003e\u003ccode\u003e@​dufucun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6456\"\u003eexpressjs/express#6456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6498\"\u003eexpressjs/express#6498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6497\"\u003eexpressjs/express#6497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6496\"\u003eexpressjs/express#6496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6504\"\u003eexpressjs/express#6504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update codeql config by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6488\"\u003eexpressjs/express#6488\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6512\"\u003eexpressjs/express#6512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typos in test by \u003ca href=\"https://github.com/noritaka1166\"\u003e\u003ccode\u003e@​noritaka1166\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6535\"\u003eexpressjs/express#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: disable credential persistence for checkout actions by \u003ca href=\"https://github.com/mertssmnoglu\"\u003e\u003ccode\u003e@​mertssmnoglu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6522\"\u003eexpressjs/express#6522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: allow manual triggering of workflow by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6515\"\u003eexpressjs/express#6515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: add coverage for app.listen() variants by \u003ca href=\"https://github.com/kgarg1\"\u003e\u003ccode\u003e@​kgarg1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6476\"\u003eexpressjs/express#6476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: move documentation and charters to the discussions and .github … by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6427\"\u003eexpressjs/express#6427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6549\"\u003eexpressjs/express#6549\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6548\"\u003eexpressjs/express#6548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: enforce explicit \u003ccode\u003eBuffer\u003c/code\u003e import and add lint rule by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6525\"\u003eexpressjs/express#6525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: use node protocol for querystring by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6520\"\u003eexpressjs/express#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typo by \u003ca href=\"https://github.com/mountdisk\"\u003e\u003ccode\u003e@​mountdisk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6609\"\u003eexpressjs/express#6609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6618\"\u003eexpressjs/express#6618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd deprecation warnings for redirect arguments undefined by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6405\"\u003eexpressjs/express#6405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: run CI when the markdown changes by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6632\"\u003eexpressjs/express#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: fix CONTRIBUTING link by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6653\"\u003eexpressjs/express#6653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: update contributing guidelines and code of conduct links by \u003ca href=\"https://github.com/ShubhamOulkar\"\u003e\u003ccode\u003e@​ShubhamOulkar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6601\"\u003eexpressjs/express#6601\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump morgan from 1.10.0 to 1.10.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6679\"\u003eexpressjs/express#6679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump cookie-session from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6678\"\u003eexpressjs/express#6678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elint: add --fix flag to automatic fix linting issue by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6644\"\u003eexpressjs/express#6644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: ignore yarn.lock file and update example by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6588\"\u003eexpressjs/express#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elib: use req.socket over deprecated req.connection by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6705\"\u003eexpressjs/express#6705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: update express app example by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6718\"\u003eexpressjs/express#6718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6675\"\u003eexpressjs/express#6675\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove history.md from being packaged on publish by \u003ca href=\"https://github.com/sheplu\"\u003e\u003ccode\u003e@​sheplu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6780\"\u003eexpressjs/express#6780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/master/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.2.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.2.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003ebody-parser@^2.2.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eA deprecation warning was added when using \u003ccode\u003eres.redirect\u003c/code\u003e with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dbac741a49a5a64336b70c06e85c2e2706e36336\"\u003e\u003ccode\u003edbac741\u003c/code\u003e\u003c/a\u003e 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/697547cde621d8b0a47b4fff6e98b29337f8c980\"\u003e\u003ccode\u003e697547c\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/4007ad103ba29f6426b2ec9eccfb1ceb792682a8\"\u003e\u003ccode\u003e4007ad1\u003c/code\u003e\u003c/a\u003e Release: 5.2.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6920\"\u003e#6920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/2f64f68c37c64ae333e41ff38032d21860f22255\"\u003e\u003ccode\u003e2f64f68\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/ed0ba3f1dc905d6b62eabf23bd383abcae4901ba\"\u003e\u003ccode\u003eed0ba3f\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6928\"\u003e#6928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8eace4603cb2547608578a4fbb259dc984216f71\"\u003e\u003ccode\u003e8eace46\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.31.2 to 4.31.6 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6929\"\u003e#6929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/30bae810279b2ea162bed5b14ce6c35a110a87f5\"\u003e\u003ccode\u003e30bae81\u003c/code\u003e\u003c/a\u003e build(deps): bump coverallsapp/github-action from 2.3.6 to 2.3.7 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6930\"\u003e#6930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/758d4355d45322b4c8cd347ebcefbf3b154c7e7f\"\u003e\u003ccode\u003e758d435\u003c/code\u003e\u003c/a\u003e deps: body-parser@^2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6922\"\u003e#6922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/77bcd5274a87047e5b3fe2f17f6c342db3909c53\"\u003e\u003ccode\u003e77bcd52\u003c/code\u003e\u003c/a\u003e docs: update emeritus triagers (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6890\"\u003e#6890\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f33caf1f89a028f0ea98ff5a156a68e65a2eabdd\"\u003e\u003ccode\u003ef33caf1\u003c/code\u003e\u003c/a\u003e Nominate to \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e for triage team (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6888\"\u003e#6888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/v5.1.0...v5.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `graphql` from 16.11.0 to 16.13.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/graphql/graphql-js/releases\"\u003egraphql's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.13.2 (2026-03-24)\u003c/h2\u003e\n\u003ch4\u003eDocs 📝\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4611\"\u003e#4611\u003c/a\u003e add dev mode docs (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003ePolish 💅\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4631\"\u003e#4631\u003c/a\u003e Use \u003ccode\u003eObject.create(null)\u003c/code\u003e over \u003ccode\u003e{}\u003c/code\u003e to avoid prototype issues - v16 (\u003ca href=\"https://github.com/benjie\"\u003e\u003ccode\u003e@​benjie\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eInternal 🏠\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4626\"\u003e#4626\u003c/a\u003e backport: internal: streamline release process (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4615\"\u003e#4615\u003c/a\u003e) (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBenjie(\u003ca href=\"https://github.com/benjie\"\u003e\u003ccode\u003e@​benjie\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYaacov Rydzinski (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.13.1 (2026-03-04)\u003c/h2\u003e\n\u003cp\u003eFirst 16.x.x release with trusted publishing and provenance, see: \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003ehttps://docs.npmjs.com/trusted-publishers\u003c/a\u003e for additional information.\u003c/p\u003e\n\u003ch4\u003eDocs 📝\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4433\"\u003e#4433\u003c/a\u003e docs: move migrate from express graphql guide to graphqlJS docs (\u003ca href=\"https://github.com/sarahxsanders\"\u003e\u003ccode\u003e@​sarahxsanders\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eInternal 🏠\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4608\"\u003e#4608\u003c/a\u003e internal: backport new release flow from 17.x.x (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4610\"\u003e#4610\u003c/a\u003e internal: pin node version for release action (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSarah Sanders(\u003ca href=\"https://github.com/sarahxsanders\"\u003e\u003ccode\u003e@​sarahxsanders\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYaacov Rydzinski (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e16.13.0\u003c/h2\u003e\n\u003ch2\u003ev16.13.0 (2026-02-24)\u003c/h2\u003e\n\u003ch4\u003eNew Feature 🚀\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4458\"\u003e#4458\u003c/a\u003e Sibling errors should not be added after propagation (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eBug Fix 🐞\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4336\"\u003e#4336\u003c/a\u003e add deprecated note to assertValidExecutionArguments (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4517\"\u003e#4517\u003c/a\u003e fix(validation): incorrect validation errors when variable descriptions are used (\u003ca href=\"https://github.com/phryneas\"\u003e\u003ccode\u003e@​phryneas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eInternal 🏠\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4506\"\u003e#4506\u003c/a\u003e Version packages (\u003ca href=\"https://github.com/JoviDeCroock\"\u003e\u003ccode\u003e@​JoviDeCroock\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4514\"\u003e#4514\u003c/a\u003e chore: always ignore scripts (\u003ca href=\"https://github.com/benjie\"\u003e\u003ccode\u003e@​benjie\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4524\"\u003e#4524\u003c/a\u003e update contributing (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/123e958de1362eef098c30e917b51981c484729e\"\u003e\u003ccode\u003e123e958\u003c/code\u003e\u003c/a\u003e chore(release): v16.13.2 (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4632\"\u003e#4632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/13f130d229311cfaf3accff12d3b7134e8d43a8c\"\u003e\u003ccode\u003e13f130d\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eObject.create(null)\u003c/code\u003e over \u003ccode\u003e{}\u003c/code\u003e to avoid prototype issues - v16 (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4631\"\u003e#4631\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/6ca59e128fe6cf26f1335fbd81d2f4a30bf9fce1\"\u003e\u003ccode\u003e6ca59e1\u003c/code\u003e\u003c/a\u003e backport: internal: streamline release process (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4615\"\u003e#4615\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4626\"\u003e#4626\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/df8c53f5157b9d8312160b1d5baf1f7029213097\"\u003e\u003ccode\u003edf8c53f\u003c/code\u003e\u003c/a\u003e docs: dev mode for v17 (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4611\"\u003e#4611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/3b5c3f949ba1f3709f260984becd266b0c6fb4e8\"\u003e\u003ccode\u003e3b5c3f9\u003c/code\u003e\u003c/a\u003e internal: pin node version for release action (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4610\"\u003e#4610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/6dee4356c78458003cee3a851242ec99e4e1627b\"\u003e\u003ccode\u003e6dee435\u003c/code\u003e\u003c/a\u003e chore(release): v16.13.1 (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4609\"\u003e#4609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/c2ad5c6494a5e2d8b6a73c49bf13306d7f5c9533\"\u003e\u003ccode\u003ec2ad5c6\u003c/code\u003e\u003c/a\u003e internal: backport new release flow from 17.x.x (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4608\"\u003e#4608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/adff4e66ed048cdac4eb96b8750ab6d5a2763cfe\"\u003e\u003ccode\u003eadff4e6\u003c/code\u003e\u003c/a\u003e docs: move migrate from express graphql guide to graphqlJS docs (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4433\"\u003e#4433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/7569989a8850c00a4e90ffdb56f1c6094cdcd795\"\u003e\u003ccode\u003e7569989\u003c/code\u003e\u003c/a\u003e 16.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/49450d85c3dfb1301faac61da08830896929d5fd\"\u003e\u003ccode\u003e49450d8\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;deprecate (internal) buildResolveInfo in favor of (internal) ResolveI...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/graphql/graphql-js/compare/v16.11.0...v16.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for graphql since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.0 to 19.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.5 (April 8th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more cycle protections (\u003ca href=\"https://redirect.github.com/facebook/react/pull/36236\"\u003e#36236\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.4 (January 26th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more DoS mitigations to Server Actions, and harden Server Components (\u003ca href=\"https://redirect.github.com/facebook/react/pull/35632\"\u003e#35632\u003c/a\u003e by \u003ca href=\"https://github.com/gnoff\"\u003e\u003ccode\u003e@​gnoff\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lubieowoce\"\u003e\u003ccode\u003e@​lubieowoce\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.3 (December 11th, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd extra loop protection to React Server Functions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35351\"\u003e#35351\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.2 (December 11th, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove \u003ccode\u003ereact-server-dom-webpack/*.unbundled\u003c/code\u003e to private \u003ccode\u003ereact-server-dom-unbundled\u003c/code\u003e (\u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35290\"\u003efacebook/react#35290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch Promise cycles and toString on Server Functions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35289\"\u003e#35289\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/facebook/react/pull/35345\"\u003e#35345\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.1 (December 3rd, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBring React Server Component fixes to Server Actions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35277\"\u003e#35277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/blob/main/CHANGELOG.md\"\u003ereact's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.1 (Dec 3, 2025)\u003c/h2\u003e\n\u003ch3\u003eReact Server Components\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBring React Server Component fixes to Server Actions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35277\"\u003e#35277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea\"\u003e\u003ccode\u003e23f4f9f\u003c/code\u003e\u003c/a\u003e 19.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/90ab3f89f4824ac763b6f877c6f711200d1338d2\"\u003e\u003ccode\u003e90ab3f8\u003c/code\u003e\u003c/a\u003e Version 19.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/612e371fb215498edde4c853bd1e0c8e9203808f\"\u003e\u003ccode\u003e612e371\u003c/code\u003e\u003c/a\u003e Version 19.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/b910fc15e38d4fa80003819ddb7a928a3c3dca5d\"\u003e\u003ccode\u003eb910fc1\u003c/code\u003e\u003c/a\u003e Version 19.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/053df4e8561ef4caecef31c330f4178ac25e255b\"\u003e\u003ccode\u003e053df4e\u003c/code\u003e\u003c/a\u003e Version 19.2.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.5/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-dom` from 19.2.0 to 19.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.5 (April 8th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more cycle protections (\u003ca href=\"https://redirect.github.com/facebook/react/pull/36236\"\u003e#36236\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.4 (January 26th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more DoS mitigations to Server Actions, and harden Server Components (\u003ca href=\"https://redirect.github.com/facebook/react/pull/35632\"\u003e#35632\u003c/a\u003e by \u003ca href=\"https://github.com/gnoff\"\u003e\u003ccode\u003e@​gnoff\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lubieowoce\"\u003e\u003ccode\u003e@​lubieowoce\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.3 (December 11th, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd extra loop protection to React Server Functions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35351\"\u003e#35351\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.2 (December 11th, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove \u003ccode\u003ereact-server-dom-webpack/*.unbundled\u003c/code\u003e to private \u003ccode\u003ereact-server-dom-unbundled\u003c/code\u003e (\u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35290\"\u003efacebook/react#35290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch Promise cycles and toString on Server Functions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35289\"\u003e#35289\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/facebook/react/pull/35345\"\u003e#35345\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.1 (December 3rd, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBring React Server Component fixes to Server Actions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35277\"\u003e#35277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/blob/main/CHANGELOG.md\"\u003ereact-dom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.1 (Dec 3, 2025)\u003c/h2\u003e\n\u003ch3\u003eReact Server Components\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBring React Server Component fixes to Server Actions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35277\"\u003e#35277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea\"\u003e\u003ccode\u003e23f4f9f\u003c/code\u003e\u003c/a\u003e 19.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/90ab3f89f4824ac763b6f877c6f711200d1338d2\"\u003e\u003ccode\u003e90ab3f8\u003c/code\u003e\u003c/a\u003e Version 19.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/612e371fb215498edde4c853bd1e0c8e9203808f\"\u003e\u003ccode\u003e612e371\u003c/code\u003e\u003c/a\u003e Version 19.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/b910fc15e38d4fa80003819ddb7a928a3c3dca5d\"\u003e\u003ccode\u003eb910fc1\u003c/code\u003e\u003c/a\u003e Version 19.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/053df4e8561ef4caecef31c330f4178ac25e255b\"\u003e\u003ccode\u003e053df4e\u003c/code\u003e\u003c/a\u003e Version 19.2.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.5/packages/react-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 1.2.0 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add CodeQl (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/250\"\u003epillarjs/send#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/255\"\u003epillarjs/send#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[StepSecurity] Apply security best practices by \u003ca href=\"https://github.com/step-security-bot\"\u003e\u003ccode\u003e@​step-security-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/256\"\u003epillarjs/send#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/265\"\u003epillarjs/send#265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 2.23.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/266\"\u003epillarjs/send#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/257\"\u003epillarjs/send#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/269\"\u003epillarjs/send#269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.29.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/268\"\u003epillarjs/send#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/267\"\u003epillarjs/send#267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.11 to 4.31.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/278\"\u003epillarjs/send#278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/277\"\u003epillarjs/send#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/276\"\u003epillarjs/send#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/275\"\u003epillarjs/send#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/272\"\u003epillarjs/send#272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/262\"\u003epillarjs/send#262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump supertest from 6.2.2 to 6.3.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/260\"\u003epillarjs/send#260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/283\"\u003epillarjs/send#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.31.2 to 4.31.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/282\"\u003epillarjs/send#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove HISTORY.md from tarball by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/285\"\u003epillarjs/send#285\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add Node.js 25 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/284\"\u003epillarjs/send#284\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependency ranges to latest versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/286\"\u003epillarjs/send#286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.2.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/281\"\u003epillarjs/send#281\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security-bot\"\u003e\u003ccode\u003e@​step-security-bot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/256\"\u003epillarjs/send#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/266\"\u003epillarjs/send#266\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/1.2.0...1.2.1\"\u003ehttps://github.com/pillarjs/send/compare/1.2.0...1.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.2.1 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMinor changes (package metadata)\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edebug@^4.4.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ehttp-errors@^2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003emime-types@^3.0.2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatuses@^2.0.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/096a6148bea0b82ca974fe0016e6eac280869249\"\u003e\u003ccode\u003e096a614\u003c/code\u003e\u003c/a\u003e 1.2.1 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/861e3c609c52669c79ef7e5e268cc3d6a51f6912\"\u003e\u003ccode\u003e861e3c6\u003c/code\u003e\u003c/a\u003e chore: update depenency ranges to latest versions (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/a40fcd4aef752bc0540234e36d5f3e6a1e384852\"\u003e\u003ccode\u003ea40fcd4\u003c/code\u003e\u003c/a\u003e ci: add Node.js 25 to test matrix (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/7740dde70eb61547c87089b53619089a5c911502\"\u003e\u003ccode\u003e7740dde\u003c/code\u003e\u003c/a\u003e chore: remove HISTORY.md from tarball (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/285\"\u003e#285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f532f4115fc6c92ade88c5abe83297d64a39e515\"\u003e\u003ccode\u003ef532f41\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.31.2 to 4.31.5 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f9b651ff01c8761b7ec0ddefcc92baa19789c7eb\"\u003e\u003ccode\u003ef9b651f\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/db2558b7bd3fe7f183e54e50bc753a725822755a\"\u003e\u003ccode\u003edb2558b\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump supertest from 6.2.2 to 6.3.4 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/136fcf6465495db3e8b55d9463721e12613333af\"\u003e\u003ccode\u003e136fcf6\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/262\"\u003e#262\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/fac9c3f6af95e55d93966a334c2565f434fff6a7\"\u003e\u003ccode\u003efac9c3f\u003c/code\u003e\u003c/a\u003e build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/cd0c2535f31100a4224c82deb32e93e3b07b0ac1\"\u003e\u003ccode\u003ecd0c253\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/setup-node from 4 to 6 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/send/compare/1.2.0...1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 2.2.0 to 2.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/202\"\u003eexpressjs/serve-static#202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/201\"\u003eexpressjs/serve-static#201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/204\"\u003eexpressjs/serve-static#204\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/205\"\u003eexpressjs/serve-static#205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/209\"\u003eexpressjs/serve-static#209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/210\"\u003eexpressjs/serve-static#210\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/211\"\u003eexpressjs/serve-static#211\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/212\"\u003eexpressjs/serve-static#212\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/213\"\u003eexpressjs/serve-static#213\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/216\"\u003eexpressjs/serve-static#216\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/226\"\u003eexpressjs/serve-static#226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/225\"\u003eexpressjs/serve-static#225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 4.31.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/224\"\u003eexpressjs/serve-static#224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-st...\n\n_Description has been truncated_","html_url":"https://github.com/ghjm/connectopus/pull/1121","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ghjm%2Fconnectopus/issues/1121","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1121/packages"},{"uuid":"4255971068","node_id":"PR_kwDOFz4CM87SBlMt","number":40,"state":"closed","title":"build(deps): bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-16T00:26:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-13T15:16:17.000Z","updated_at":"2026-04-16T00:26:57.000Z","time_to_close":205838,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.14.1","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.17.1","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.1...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sctlcd/angular-first-app_tell-me-a-joke/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sctlcd/angular-first-app_tell-me-a-joke/pull/40","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sctlcd%2Fangular-first-app_tell-me-a-joke/issues/40","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/40/packages"},{"uuid":"4238280797","node_id":"PR_kwDOIYOfHc7RaHEc","number":1,"state":"closed","title":"Bump the npm_and_yarn group across 5 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-11T00:56:20.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-10T09:55:24.000Z","updated_at":"2026-04-11T00:56:22.000Z","time_to_close":54056,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"dompurify","old_version":"2.3.6","new_version":"removed","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"prismjs","old_version":"1.28.0","new_version":"1.30.0","repository_url":"https://github.com/PrismJS/prism"},{"name":"send","old_version":"0.18.0","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"ws","old_version":"7.5.7","new_version":"7.5.10","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /libraries/site-analytics directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /libraries/manifest-validation directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 8 updates in the /docs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `2.3.6` | `removed` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [prismjs](https://github.com/PrismJS/prism) | `1.28.0` | `1.30.0` |\n| [send](https://github.com/pillarjs/send) | `0.18.0` | `0.19.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |\n| [ws](https://github.com/websockets/ws) | `7.5.7` | `7.5.10` |\n\nBumps the npm_and_yarn group with 13 updates in the /components/pwa-update directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [ws](https://github.com/websockets/ws) | `7.5.7` | `7.5.10` |\n| [socket.io](https://github.com/socketio/socket.io) | `4.5.2` | `4.8.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.70.2` | `2.80.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.17.9` | `7.29.0` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.2` | `3.3.5` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.4.1` | `3.4.4` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.0` | `1.20.4` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.11` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [ip](https://github.com/indutny/node-ip) | `1.1.5` | `removed` |\n| [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n\nBumps the npm_and_yarn group with 13 updates in the /components/pwa-install directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [ws](https://github.com/websockets/ws) | `7.5.8` | `7.5.10` |\n| [socket.io](https://github.com/socketio/socket.io) | `4.5.2` | `4.8.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.75.6` | `2.80.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.2` | `7.29.0` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.2` | `3.3.5` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.4.1` | `3.4.4` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.0` | `1.20.4` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.11` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [ip](https://github.com/indutny/node-ip) | `1.1.8` | `removed` |\n| [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `decode-uri-component` from 0.2.0 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/releases\"\u003edecode-uri-component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent overwriting previously decoded tokens  980e0bf\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to GitHub workflows  76abc93\u003c/li\u003e\n\u003cli\u003eFix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e  746ca5d\u003c/li\u003e\n\u003cli\u003eUpdate license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)  486d7e2\u003c/li\u003e\n\u003cli\u003eTidelift tasks  a650457\u003c/li\u003e\n\u003cli\u003eMeta tweaks  66e1c28\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb\"\u003e\u003ccode\u003ea0eea46\u003c/code\u003e\u003c/a\u003e 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152\"\u003e\u003ccode\u003e980e0bf\u003c/code\u003e\u003c/a\u003e Prevent overwriting previously decoded tokens\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33\"\u003e\u003ccode\u003e3c8a373\u003c/code\u003e\u003c/a\u003e 0.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3\"\u003e\u003ccode\u003e76abc93\u003c/code\u003e\u003c/a\u003e Switch to GitHub workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9\"\u003e\u003ccode\u003e746ca5d\u003c/code\u003e\u003c/a\u003e Fix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30\"\u003e\u003ccode\u003e486d7e2\u003c/code\u003e\u003c/a\u003e Update license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134\"\u003e\u003ccode\u003ea650457\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02\"\u003e\u003ccode\u003e66e1c28\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `dompurify`\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prismjs` from 1.28.0 to 1.30.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PrismJS/prism/releases\"\u003eprismjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.30.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echeck that \u003ccode\u003ecurrentScript\u003c/code\u003e is set by a script tag by \u003ca href=\"https://github.com/lkuechler\"\u003e\u003ccode\u003e@​lkuechler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/PrismJS/prism/pull/3863\"\u003ePrismJS/prism#3863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lkuechler\"\u003e\u003ccode\u003e@​lkuechler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/PrismJS/prism/pull/3863\"\u003ePrismJS/prism#3863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/PrismJS/prism/compare/v1.29.0...v1.30.0\"\u003ehttps://github.com/PrismJS/prism/compare/v1.29.0...v1.30.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003cp\u003eRelease 1.29.0\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PrismJS/prism/blob/v2/CHANGELOG.md\"\u003eprismjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ePrism Changelog\u003c/h1\u003e\n\u003ch2\u003e1.29.0 (2022-08-23)\u003c/h2\u003e\n\u003ch3\u003eNew components\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBBj\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3511\"\u003e#3511\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/1134bdfc\"\u003e\u003ccode\u003e1134bdfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBQN\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3515\"\u003e#3515\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/859f99a0\"\u003e\u003ccode\u003e859f99a0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCilk/C\u003c/strong\u003e \u0026amp; \u003cstrong\u003eCilk/C++\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3522\"\u003e#3522\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/c8462a29\"\u003e\u003ccode\u003ec8462a29\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGradle\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3443\"\u003e#3443\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/32119823\"\u003e\u003ccode\u003e32119823\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMETAFONT\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3465\"\u003e#3465\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/2815f699\"\u003e\u003ccode\u003e2815f699\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWGSL\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3455\"\u003e#3455\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/4c87d418\"\u003e\u003ccode\u003e4c87d418\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUpdated components\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAsciiDoc\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eSome regexes are too greedy (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3481\"\u003e#3481\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/c4cbeeaa\"\u003e\u003ccode\u003ec4cbeeaa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBash\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u0026quot;sh\u0026quot; alias (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3509\"\u003e#3509\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/6b824d47\"\u003e\u003ccode\u003e6b824d47\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded support for parameters and the \u003ccode\u003ejava\u003c/code\u003e and \u003ccode\u003esysctl\u003c/code\u003e commands. (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3505\"\u003e#3505\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/b9512b22\"\u003e\u003ccode\u003eb9512b22\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ecargo\u003c/code\u003e command (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3488\"\u003e#3488\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/3e937137\"\u003e\u003ccode\u003e3e937137\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBBj\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eImprove regexes (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3512\"\u003e#3512\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/0cad9ae5\"\u003e\u003ccode\u003e0cad9ae5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed @-rules not accounting for strings (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3438\"\u003e#3438\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/0d4b6cb6\"\u003e\u003ccode\u003e0d4b6cb6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS Extras\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for \u003ccode\u003eRebeccaPurple\u003c/code\u003e color (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3448\"\u003e#3448\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/646b2e0a\"\u003e\u003ccode\u003e646b2e0a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHoon\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed escaped strings (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3473\"\u003e#3473\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/64642716\"\u003e\u003ccode\u003e64642716\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eJava\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for constants (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3507\"\u003e#3507\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/342a0039\"\u003e\u003ccode\u003e342a0039\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMarkup\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed quotes in HTML attribute values (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3442\"\u003e#3442\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/ca8eaeee\"\u003e\u003ccode\u003eca8eaeee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNSIS\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdded missing commands (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3504\"\u003e#3504\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/b0c2a9b4\"\u003e\u003ccode\u003eb0c2a9b4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eScala\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated keywords to support Scala 3 (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3506\"\u003e#3506\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/a090d063\"\u003e\u003ccode\u003ea090d063\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSCSS\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFix casing in title of the \u003ccode\u003escss\u003c/code\u003e lang (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3501\"\u003e#3501\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/2aed9ce7\"\u003e\u003ccode\u003e2aed9ce7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUpdated plugins\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLine Highlight\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAccount for offset when clamping ranges (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3518\"\u003e#3518\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/098e3000\"\u003e\u003ccode\u003e098e3000\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore ranges outside of actual lines (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3475\"\u003e#3475\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/9a4e725b\"\u003e\u003ccode\u003e9a4e725b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNormalize Whitespace\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdd configuration via attributes (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3467\"\u003e#3467\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/91dea0c8\"\u003e\u003ccode\u003e91dea0c8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/76dde18a575831c91491895193f56081ac08b0c5\"\u003e\u003ccode\u003e76dde18\u003c/code\u003e\u003c/a\u003e Release 1.30.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/93cca40b364215210f23a9e35f085a682a2b8175\"\u003e\u003ccode\u003e93cca40\u003c/code\u003e\u003c/a\u003e npm pkg fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/99c5ca970f18f744d75e473573d4679100f87086\"\u003e\u003ccode\u003e99c5ca9\u003c/code\u003e\u003c/a\u003e Add release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/8e8b9352dac64457194dd9e51096b4772532e53d\"\u003e\u003ccode\u003e8e8b935\u003c/code\u003e\u003c/a\u003e check that currentScript is set by a script tag (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3863\"\u003e#3863\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/f894dc2cbb507f565a046fed844fd541f07aa191\"\u003e\u003ccode\u003ef894dc2\u003c/code\u003e\u003c/a\u003e Fix logo in the footer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/ac38dcec9bea6bac064a7264b7aeba086e3102bf\"\u003e\u003ccode\u003eac38dce\u003c/code\u003e\u003c/a\u003e Delete CNAME\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/9b5b09aef4dc2c18c28d2f5a6244d4efcc6ab5cb\"\u003e\u003ccode\u003e9b5b09a\u003c/code\u003e\u003c/a\u003e Enable CORS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/59e5a3471377057de1f401ba38337aca27b80e03\"\u003e\u003ccode\u003e59e5a34\u003c/code\u003e\u003c/a\u003e 1.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/cd080f25ba12ef792d11468f5633fbbb23fd390e\"\u003e\u003ccode\u003ecd080f2\u003c/code\u003e\u003c/a\u003e Updated npmignore to include new MD files (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3534\"\u003e#3534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/751664bd300b16b7b715e544de5a164b91b03075\"\u003e\u003ccode\u003e751664b\u003c/code\u003e\u003c/a\u003e Added PR stop notice (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3532\"\u003e#3532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PrismJS/prism/compare/v1.28.0...v1.30.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~dmitrysharabin\"\u003edmitrysharabin\u003c/a\u003e, a new releaser for prismjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.18.0 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 7.5.7 to 7.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.5.10\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported e55e5106 to the 7.x release line (22c28763).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.9\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported bc8bd34e to the 7.x release line (0435e6e1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.8\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported 0fdcc0af to the 7.x release line (2758ed35).\u003c/li\u003e\n\u003cli\u003eBackported d68ba9e1 to the 7.x release line (dc1781bc).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d962d70649e393841ee1ed726a8f7ffbe90d0c06\"\u003e\u003ccode\u003ed962d70\u003c/code\u003e\u003c/a\u003e [dist] 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f\"\u003e\u003ccode\u003e22c2876\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8a78f8770618cc5a1ade485a7445cb6d6f46e2f2\"\u003e\u003ccode\u003e8a78f87\u003c/code\u003e\u003c/a\u003e [dist] 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/0435e6e12b8d38992cf0651cb8605dde2294bd25\"\u003e\u003ccode\u003e0435e6e\u003c/code\u003e\u003c/a\u003e [security] Fix same host check for ws+unix: redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/4271f07cfc95cf7e1936388fb69e22a3731fa260\"\u003e\u003ccode\u003e4271f07\u003c/code\u003e\u003c/a\u003e [dist] 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/dc1781bc319cb347878d11cf730947d0bef69a51\"\u003e\u003ccode\u003edc1781b\u003c/code\u003e\u003c/a\u003e [security] Drop sensitive headers when following insecure redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2758ed355073105a60b8b836b25265b8cdcb3b42\"\u003e\u003ccode\u003e2758ed3\u003c/code\u003e\u003c/a\u003e [fix] Abort the handshake if the Upgrade header is invalid\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/7.5.7...7.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 7.5.7 to 7.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.5.10\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported e55e5106 to the 7.x release line (22c28763).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.9\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported bc8bd34e to the 7.x release line (0435e6e1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.8\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported 0fdcc0af to the 7.x release line (2758ed35).\u003c/li\u003e\n\u003cli\u003eBackported d68ba9e1 to the 7.x release line (dc1781bc).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d962d70649e393841ee1ed726a8f7ffbe90d0c06\"\u003e\u003ccode\u003ed962d70\u003c/code\u003e\u003c/a\u003e [dist] 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f\"\u003e\u003ccode\u003e22c2876\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8a78f8770618cc5a1ade485a7445cb6d6f46e2f2\"\u003e\u003ccode\u003e8a78f87\u003c/code\u003e\u003c/a\u003e [dist] 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/0435e6e12b8d38992cf0651cb8605dde2294bd25\"\u003e\u003ccode\u003e0435e6e\u003c/code\u003e\u003c/a\u003e [security] Fix same host check for ws+unix: redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/4271f07cfc95cf7e1936388fb69e22a3731fa260\"\u003e\u003ccode\u003e4271f07\u003c/code\u003e\u003c/a\u003e [dist] 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/dc1781bc319cb347878d11cf730947d0bef69a51\"\u003e\u003ccode\u003edc1781b\u003c/code\u003e\u003c/a\u003e [security] Drop sensitive headers when following insecure redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2758ed355073105a60b8b836b25265b8cdcb3b42\"\u003e\u003ccode\u003e2758ed3\u003c/code\u003e\u003c/a\u003e [fix] Abort the handshake if the Upgrade header is invalid\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/7.5.7...7.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 4.5.2 to 4.8.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esocket.io@4.8.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edo not throw when calling io.close() on a stopped server (\u003ca href=\"https://github.com/socketio/socket.io/commit/9581f9bcfd0c0fa8cb16eae1604c6a727af21efa\"\u003e9581f9b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.6.0\"\u003e\u003ccode\u003eengine.io@~6.6.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.18.3\"\u003e\u003ccode\u003ews@~8.18.3\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-client@4.8.3\u003c/h2\u003e\n\u003cp\u003eThere were some minor bug fixes on the server side, which mandate a client bump.\u003c/p\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io-client/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io-client@~6.6.1\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.18.3\"\u003e\u003ccode\u003ews@~8.18.3\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/websockets/ws/compare/8.17.1...8.18.3\"\u003ediff\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io@4.8.2\u003c/h2\u003e\n\u003cp\u003eThe \u003ccode\u003eurl.parse()\u003c/code\u003e function is now deprecated and has been replaced by \u003ccode\u003enew URL()\u003c/code\u003e (see \u003ca href=\"https://github.com/socketio/socket.io/commit/8af70195bb8c5bc3efe9685997ab6373fb8b1ca9\"\u003e8af7019\u003c/a\u003e).\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecall adapter.init() when creating each namespace (\u003ca href=\"https://github.com/socketio/socket.io/commit/f3e1f5ebdf59158d0c8d1e20f8230275617fb355\"\u003ef3e1f5e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eimprove \u003ccode\u003eio.close()\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/5344\"\u003e#5344\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/bb0b480d2ab3108a8ae255b539015da451fdb249\"\u003ebb0b480\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.6.0\"\u003e\u003ccode\u003eengine.io@~6.6.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.18.3\"\u003e\u003ccode\u003ews@~8.18.3\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/websockets/ws/compare/8.17.1...8.18.3\"\u003ediff\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-client@4.8.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebundle\u003c/strong\u003e: do not mangle the \u0026quot;_placeholder\u0026quot; attribute (bis) (\u003ca href=\"https://github.com/socketio/socket.io/commit/cdae01983a8ae840fc9812875a8b88166b377c11\"\u003ecdae019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrain queue before emitting \u0026quot;connect\u0026quot; (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/5259\"\u003e#5259\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/d19928e8d8b325310274031ed7de2ddc93ebb589\"\u003ed19928e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io-client/releases/tag/6.6.1\"\u003e\u003ccode\u003eengine.io-client@~6.6.1\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.17.1\"\u003e\u003ccode\u003ews@~8.17.1\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io@4.8.1\u003c/h2\u003e\n\u003cp\u003eDue to a change in the bundler configuration, the production bundle (\u003ccode\u003esocket.io.min.js\u003c/code\u003e) did not support sending and receiving binary data in version \u003ccode\u003e4.8.0\u003c/code\u003e. This is now fixed.\u003c/p\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/9978574e4f1d4e21593497f94c40053cd0fff359\"\u003e\u003ccode\u003e9978574\u003c/code\u003e\u003c/a\u003e chore(release): socket.io@4.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e9e5bed4f2df269d228573325f25e10ec9dee6f3\"\u003e\u003ccode\u003ee9e5bed\u003c/code\u003e\u003c/a\u003e chore(release): socket.io-client@4.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/9581f9bcfd0c0fa8cb16eae1604c6a727af21efa\"\u003e\u003ccode\u003e9581f9b\u003c/code\u003e\u003c/a\u003e fix(sio): do not throw when calling io.close() on a stopped server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/579d43f33f93503a936a133a59c1dcc1b8440c3d\"\u003e\u003ccode\u003e579d43f\u003c/code\u003e\u003c/a\u003e refactor: remove unused files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/ee9aac31342da4ccad8e9bfe5b98081701037f32\"\u003e\u003ccode\u003eee9aac3\u003c/code\u003e\u003c/a\u003e chore(release): socket.io-parser@4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/968277cef8cf429a001c2c51b3ab7fd25b9836ef\"\u003e\u003ccode\u003e968277c\u003c/code\u003e\u003c/a\u003e chore(release): socket.io-adapter@2.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/2bf16bd214b5c12a90f4c2dad88bfbea2858df10\"\u003e\u003ccode\u003e2bf16bd\u003c/code\u003e\u003c/a\u003e chore(release): engine.io-client@6.6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/ad616070b8d845486fb5f1576205f70fff89723d\"\u003e\u003ccode\u003ead61607\u003c/code\u003e\u003c/a\u003e docs(eio): fix link in the release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/dd717924556d18b4453b63465fbf9b7c32788ac6\"\u003e\u003ccode\u003edd71792\u003c/code\u003e\u003c/a\u003e chore(release): socket.io@4.8.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/bb0b480d2ab3108a8ae255b539015da451fdb249\"\u003e\u003ccode\u003ebb0b480\u003c/code\u003e\u003c/a\u003e fix(sio): improve \u003ccode\u003eio.close()\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/5344\"\u003e#5344\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/4.5.2...socket.io@4.8.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for socket.io since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 2.70.2 to 2.80.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev.2.79.2\u003c/h2\u003e\n\u003ch2\u003e2.79.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2024-09-26\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5671\"\u003e#5671\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/5671\"\u003e#5671\u003c/a\u003e: Fix DOM Clobbering CVE (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/v2.80.0/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.80.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6277\"\u003e#6277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6277\"\u003e#6277\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2024-09-26\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolve CVE-2024-43788 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5677\"\u003e#5677\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/5677\"\u003e#5677\u003c/a\u003e: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (\u003ca href=\"https://github.com/fabianszabo\"\u003e\u003ccode\u003e@​fabianszabo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2022-09-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid massive performance degradation when creating thousands of chunks (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4643\"\u003e#4643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4639\"\u003e#4639\u003c/a\u003e: fix: typo docs and contributors link in CONTRIBUTING.md (\u003ca href=\"https://github.com/takurinton\"\u003e\u003ccode\u003e@​takurinton\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4641\"\u003e#4641\u003c/a\u003e: Update type definition of resolveId (\u003ca href=\"https://github.com/ivanjonas\"\u003e\u003ccode\u003e@​ivanjonas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4643\"\u003e#4643\u003c/a\u003e: Improve performance of chunk naming collision check (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2022-08-31\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eamd.forceJsExtensionForImports\u003c/code\u003e to enforce using \u003ccode\u003e.js\u003c/code\u003e extensions for relative AMD imports (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4607\"\u003e#4607\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4607\"\u003e#4607\u003c/a\u003e: add option to keep extensions for amd (\u003ca href=\"https://github.com/wh1tevs\"\u003e\u003ccode\u003e@​wh1tevs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d17ae15336a45c3c59b2a4aacac2b14186035d28\"\u003e\u003ccode\u003ed17ae15\u003c/code\u003e\u003c/a\u003e 2.80.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3\"\u003e\u003ccode\u003ed6dee5e\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6277\"\u003e#6277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c9bd03d12e96c46122a0372d3bbe9b468cee57da\"\u003e\u003ccode\u003ec9bd03d\u003c/code\u003e\u003c/a\u003e 2.79.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/48aef33cf2f2a6dfb175afb3bcd6a977c81f1d5c\"\u003e\u003ccode\u003e48aef33\u003c/code\u003e\u003c/a\u003e fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5677\"\u003e#5677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/69ff4181e701a0fe0026d0ba147f31bc86beffa8\"\u003e\u003ccode\u003e69ff418\u003c/code\u003e\u003c/a\u003e 2.79.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/04dce1bc734c22924b02c3d57061710dcb6395e4\"\u003e\u003ccode\u003e04dce1b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/159137e6425a97c126645110d19d0533643d5ee7\"\u003e\u003ccode\u003e159137e\u003c/code\u003e\u003c/a\u003e fix: typo docs and contributors link in CONTRIBUTING.md (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4639\"\u003e#4639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e1392b3905de33dc432a5692f9a6ec60103ea2f6\"\u003e\u003ccode\u003ee1392b3\u003c/code\u003e\u003c/a\u003e Update type definition of resolveId (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4641\"\u003e#4641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7836357aaeb1fb103318bca3f0ee8beacdec0470\"\u003e\u003ccode\u003e7836357\u003c/code\u003e\u003c/a\u003e Improve performance of chunk naming collision check (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4643\"\u003e#4643\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/71d20c9d4a75b51b95c56df43ba1efd934158acb\"\u003e\u003ccode\u003e71d20c9\u003c/code\u003e\u003c/a\u003e Reduce permissions for repl-artefacts.yml workflow (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4630\"\u003e#4630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v2.70.2...v2.80.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.17.9 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"ht...\n\n_Description has been truncated_","html_url":"https://github.com/Surfndez/PWABuilder/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Surfndez%2FPWABuilder/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4236360278","node_id":"PR_kwDOBY-BTM7RU7C1","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-10T03:36:59.000Z","updated_at":"2026-04-10T03:37:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"jquery","old_version":"3.2.1","new_version":"3.5.0","repository_url":"https://github.com/jquery/jquery"},{"name":"grunt","old_version":"0.4.5","new_version":"1.6.1","repository_url":"https://github.com/gruntjs/grunt"},{"name":"ajv","old_version":"4.11.8","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"request","old_version":"2.81.0","new_version":"2.88.2","repository_url":"https://github.com/request/request"},{"name":"deep-extend","old_version":"0.4.2","new_version":"0.6.0","repository_url":"https://github.com/unclechu/node-deep-extend"},{"name":"minimist","old_version":"1.2.0","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"ini","old_version":"1.3.4","new_version":"1.3.8","repository_url":"https://github.com/npm/ini"},{"name":"morgan","old_version":"1.8.2","new_version":"1.10.1","repository_url":"https://github.com/expressjs/morgan"},{"name":"send","old_version":"0.15.3","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.12.3","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [jquery](https://github.com/jquery/jquery) | `3.2.1` | `3.5.0` |\n| [grunt](https://github.com/gruntjs/grunt) | `0.4.5` | `1.6.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `4.11.8` | `6.14.0` |\n| [request](https://github.com/request/request) | `2.81.0` | `2.88.2` |\n| [deep-extend](https://github.com/unclechu/node-deep-extend) | `0.4.2` | `0.6.0` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` |\n| [ini](https://github.com/npm/ini) | `1.3.4` | `1.3.8` |\n| [morgan](https://github.com/expressjs/morgan) | `1.8.2` | `1.10.1` |\n| [send](https://github.com/pillarjs/send) | `0.15.3` | `0.19.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.12.3` | `1.16.3` |\n\n\nUpdates `jquery` from 3.2.1 to 3.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jquery/jquery/releases\"\u003ejquery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejQuery 3.5.0 Released!\u003c/h2\u003e\n\u003cp\u003eSee the blog post:\n\u003ca href=\"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\"\u003ehttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\u003c/a\u003e\nand the upgrade guide:\n\u003ca href=\"https://jquery.com/upgrade-guide/3.5/\"\u003ehttps://jquery.com/upgrade-guide/3.5/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE:\u003c/strong\u003e Despite being a minor release, this update includes a breaking change that we had to make to fix \u003ca href=\"https://github.com/advisories/GHSA-gxr4-xjj5-5px2\"\u003ea security issue\u003c/a\u003e ( \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2020-11022\"\u003e\u003ccode\u003eCVE-2020-11022\u003c/code\u003e\u003c/a\u003e). Please follow the blog post \u0026amp; the upgrade guide for more details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/7a0a850f3d41c0412609c1d32b1e602d4afe2f4e\"\u003e\u003ccode\u003e7a0a850\u003c/code\u003e\u003c/a\u003e 3.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/8570a08f6689223aa06ca8cc51d488c6d81d44f9\"\u003e\u003ccode\u003e8570a08\u003c/code\u003e\u003c/a\u003e Release: Update AUTHORS.txt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/da3dd85b63c4e3a6a768132c2a83a1a6eec24840\"\u003e\u003ccode\u003eda3dd85\u003c/code\u003e\u003c/a\u003e Ajax: Do not execute scripts for unsuccessful HTTP responses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/065143c2e93512eb0c82d1b344b71d06eb7cf01c\"\u003e\u003ccode\u003e065143c\u003c/code\u003e\u003c/a\u003e Ajax: Overwrite s.contentType with content-type header value, if any\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/1a4f10ddc37c34c6dc3a451ee451b5c6cf367399\"\u003e\u003ccode\u003e1a4f10d\u003c/code\u003e\u003c/a\u003e Tests: Blacklist one focusin test in IE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/9e15d6b469556eccfa607c5ecf53b20c84529125\"\u003e\u003ccode\u003e9e15d6b\u003c/code\u003e\u003c/a\u003e Event: Use only one focusin/out handler per matching window \u0026amp; document\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/966a70909019aa09632c87c0002c522fa4a1e30e\"\u003e\u003ccode\u003e966a709\u003c/code\u003e\u003c/a\u003e Manipulation: Skip the select wrapper for \u0026lt;option\u0026gt; outside of IE 9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77\"\u003e\u003ccode\u003e1d61fd9\u003c/code\u003e\u003c/a\u003e Manipulation: Make jQuery.htmlPrefilter an identity function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/04bf577e2f961c9dde85ddadc77f71bc7bc671cc\"\u003e\u003ccode\u003e04bf577\u003c/code\u003e\u003c/a\u003e Selector: Update Sizzle from 2.3.4 to 2.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/7506c9ca62a2f3ef773e19385918c31e9d62d412\"\u003e\u003ccode\u003e7506c9c\u003c/code\u003e\u003c/a\u003e Build: Resolve Travis config warnings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jquery/jquery/compare/3.2.1...3.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mgol\"\u003emgol\u003c/a\u003e, a new releaser for jquery since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `grunt` from 0.4.5 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/releases\"\u003egrunt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChangelog updates  72f6f03\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1755\"\u003e#1755\u003c/a\u003e from gruntjs/rm-dep  8d4c183\u003c/li\u003e\n\u003cli\u003eAdd recursive  1c7d483\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1756\"\u003e#1756\u003c/a\u003e from gruntjs/downgrade-glob  2d4fd38\u003c/li\u003e\n\u003cli\u003eDowngrade glob  902db7c\u003c/li\u003e\n\u003cli\u003eFix syntax  494f243\u003c/li\u003e\n\u003cli\u003eremove mkdirp  b01389e\u003c/li\u003e\n\u003cli\u003eremove dep on rimraf and mkdirp  0072510\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1750\"\u003e#1750\u003c/a\u003e from gruntjs/dep-update-jan28  2805dc3\u003c/li\u003e\n\u003cli\u003eREADME updates  3f1e423\u003c/li\u003e\n\u003cli\u003eBump to 16  8fd096d\u003c/li\u003e\n\u003cli\u003eUpdate more deps  42c5f95\u003c/li\u003e\n\u003cli\u003eBump eslint and node version  1d88050\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1745\"\u003e#1745\u003c/a\u003e from gruntjs/fix-copy-op  572d79b\u003c/li\u003e\n\u003cli\u003ePatch up race condition in symlink copying.  58016ff\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1746\"\u003e#1746\u003c/a\u003e from JamieSlome/patch-1  0749e1d\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md  69b7c50\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Changelog  7f15fd5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1743\"\u003e#1743\u003c/a\u003e from gruntjs/cleanup-link  b0ec6e1\u003c/li\u003e\n\u003cli\u003eClean up link handling  433f91b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1742\"\u003e#1742\u003c/a\u003e from gruntjs/update-symlink-test  ad22608\u003c/li\u003e\n\u003cli\u003eFix symlink test  0652305\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated changelog  b2b2c2b\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1740\"\u003e#1740\u003c/a\u003e from gruntjs/update-deps-22-10  3eda6ae\u003c/li\u003e\n\u003cli\u003eUpdate testing matrix  47d32de\u003c/li\u003e\n\u003cli\u003eMore updates  2e9161c\u003c/li\u003e\n\u003cli\u003eRemove console log  04b960e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies, tests...  aad3d45\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1736\"\u003e#1736\u003c/a\u003e from justlep/main  fdc7056\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/blob/main/CHANGELOG\"\u003egrunt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.6.1\ndate: 2023-01-31\nchanges:\n- Downgrades to glob 7 for Windows compatability\n- Removes mkdirp and rimraf in favour of node.js APIs.\nv1.6.0\ndate: 2023-01-28\nchanges:\n- Requires node.js 16+.\n- template.date now uses dateformat ~4.6.2.\n- other dependency updates such as glob, rimraf, etc.\nv1.5.3\ndate: 2022-04-23\nchanges:\n- Patch up race condition in symlink copying.\nv1.5.2\ndate: 2022-04-12\nchanges:\n- Unlink symlinks when copy destination is a symlink.\nv1.5.1\ndate: 2022-04-11\nchanges:\n- Fixed symlink destination handling.\nv1.5.0\ndate: 2022-04-10\nchanges:\n- Updated dependencies.\n- Add symlink handling for copying files.\nv1.4.1\ndate: 2021-05-24\nchanges:\n- Fix --preload option to be a known option\n- Switch to GitHub Actions\nv1.4.0\ndate: 2021-04-21\nchanges:\n- Security fixes in production and dev dependencies\n- Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: \u003ca href=\"https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\"\u003ehttps://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\u003c/a\u003e.\nv1.3.0\ndate: 2020-08-18\nchanges:\n- Switch to use \u003ccode\u003esafeLoad\u003c/code\u003e for loading YML files via \u003ccode\u003efile.readYAML\u003c/code\u003e.\n- Upgrade legacy-log to ~3.0.0.\n- Upgrade legacy-util to ~2.0.0.\nv1.2.1\ndate: 2020-07-07\nchanges:\n- Remove path-is-absolute dependency.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1715\"\u003egruntjs/grunt#1715\u003c/a\u003e)\nv1.2.0\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/8372e118eb8c4c6d40e9c6c5684948a786dee8a9\"\u003e\u003ccode\u003e8372e11\u003c/code\u003e\u003c/a\u003e 1.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/72f6f034edc004cc72bbf4caab1d53843f130546\"\u003e\u003ccode\u003e72f6f03\u003c/code\u003e\u003c/a\u003e Changelog updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/8d4c183448650abe213cb29a93598649c4060d84\"\u003e\u003ccode\u003e8d4c183\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1755\"\u003e#1755\u003c/a\u003e from gruntjs/rm-dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/1c7d48399766cb1a0ca48ce57cee16b2478ed842\"\u003e\u003ccode\u003e1c7d483\u003c/code\u003e\u003c/a\u003e Add recursive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/2d4fd381a48590b2fb18d7b2cc8865470ed54f1b\"\u003e\u003ccode\u003e2d4fd38\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1756\"\u003e#1756\u003c/a\u003e from gruntjs/downgrade-glob\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/902db7c6ff5d046e88366bb94cf06ee484e33f49\"\u003e\u003ccode\u003e902db7c\u003c/code\u003e\u003c/a\u003e Downgrade glob\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/494f243d0cf82238c8d242772ee7c52d4416a0dd\"\u003e\u003ccode\u003e494f243\u003c/code\u003e\u003c/a\u003e Fix syntax\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/b01389ea6a5b6a4fc32471c739a41460a9f611cb\"\u003e\u003ccode\u003eb01389e\u003c/code\u003e\u003c/a\u003e remove mkdirp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/0072510057b3d35260a63c951f4bc86d761a4838\"\u003e\u003ccode\u003e0072510\u003c/code\u003e\u003c/a\u003e remove dep on rimraf and mkdirp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/0afeb5c631199d806fa560c680987dd907263b83\"\u003e\u003ccode\u003e0afeb5c\u003c/code\u003e\u003c/a\u003e 1.6.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gruntjs/grunt/compare/v0.4.5...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~vladikoff\"\u003evladikoff\u003c/a\u003e, a new releaser for grunt since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 4.11.8 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.12.6\u003c/h2\u003e\n\u003cp\u003eFix performance issue of \u0026quot;url\u0026quot; format.\u003c/p\u003e\n\u003ch2\u003ev6.12.5\u003c/h2\u003e\n\u003cp\u003eFix uri scheme validation (\u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e).\nFix boolean schemas with strictKeywords option (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1270\"\u003e#1270\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.4\u003c/h2\u003e\n\u003cp\u003eFix: coercion of one-item arrays to scalar that should fail validation (\u003ca href=\"https://runkit.com/esp/5f3672ba2f6642001ae27411\"\u003efailing example\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003ev6.12.3\u003c/h2\u003e\n\u003cp\u003ePass schema object to processCode function\nOption for strictNumbers (\u003ca href=\"https://github.com/issacgerges\"\u003e\u003ccode\u003e@​issacgerges\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1128\"\u003e#1128\u003c/a\u003e)\nFixed vulnerability related to untrusted schemas (\u003ca href=\"https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-15366\"\u003eCVE-2020-15366\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.2\u003c/h2\u003e\n\u003cp\u003eRemoved post-install script\u003c/p\u003e\n\u003ch2\u003ev6.12.1\u003c/h2\u003e\n\u003cp\u003eDocs and dependency updates\u003c/p\u003e\n\u003ch2\u003ev6.12.0\u003c/h2\u003e\n\u003cp\u003eImproved hostname validation (\u003ca href=\"https://github.com/sambauers\"\u003e\u003ccode\u003e@​sambauers\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1143\"\u003e#1143\u003c/a\u003e)\nOption \u003ccode\u003ekeywords\u003c/code\u003e to add custom keywords (\u003ca href=\"https://github.com/franciscomorais\"\u003e\u003ccode\u003e@​franciscomorais\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1137\"\u003e#1137\u003c/a\u003e)\nTypes fixes (\u003ca href=\"https://github.com/boenrobot\"\u003e\u003ccode\u003e@​boenrobot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/MattiAstedrone\"\u003e\u003ccode\u003e@​MattiAstedrone\u003c/code\u003e\u003c/a\u003e)\nDocs:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/epoberezkin/ajv#error-logging\"\u003eerror logging\u003c/a\u003e example (\u003ca href=\"https://github.com/RadiationSickness\"\u003e\u003ccode\u003e@​RadiationSickness\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTypeScript usage notes (\u003ca href=\"https://github.com/thetric\"\u003e\u003ccode\u003e@​thetric\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.11.0\u003c/h2\u003e\n\u003cp\u003eTime formats support two digit and colon-less variants of timezone offset (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1061\"\u003e#1061\u003c/a\u003e , \u003ca href=\"https://github.com/cjpillsbury\"\u003e\u003ccode\u003e@​cjpillsbury\u003c/code\u003e\u003c/a\u003e)\nDocs: RegExp related security considerations\nTests: Disabled failing typescript test\u003c/p\u003e\n\u003ch2\u003ev6.10.2\u003c/h2\u003e\n\u003cp\u003eFix: the unknown keywords were ignored with the option \u003ccode\u003estrictKeywords: true\u003c/code\u003e (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.\u003c/p\u003e\n\u003ch2\u003ev6.10.1\u003c/h2\u003e\n\u003cp\u003eFix types\nFix addSchema (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1001\"\u003e#1001\u003c/a\u003e)\nUpdate dependencies\u003c/p\u003e\n\u003ch2\u003ev6.10.0\u003c/h2\u003e\n\u003cp\u003eOption \u003ccode\u003estrictDefaults\u003c/code\u003e to report ignored defaults (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/957\"\u003e#957\u003c/a\u003e, \u003ca href=\"https://github.com/not-an-aardvark\"\u003e\u003ccode\u003e@​not-an-aardvark\u003c/code\u003e\u003c/a\u003e)\nOption \u003ccode\u003estrictKeywords\u003c/code\u003e to report unknown keywords (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/781\"\u003e#781\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.9.0\u003c/h2\u003e\n\u003cp\u003eOpenAPI keyword \u003ccode\u003enullable\u003c/code\u003e can be any boolean (and not only \u003ccode\u003etrue\u003c/code\u003e).\nCustom keyword definition changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edependencies\u003c/code\u003e option in  to require the presence of keywords in the same schema.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fe591439f34e24030f69df9eb8d91e6d037a3af7\"\u003e\u003ccode\u003efe59143\u003c/code\u003e\u003c/a\u003e 6.12.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d580d3e8ac6a467670d68d86e3a39fd661ac8c23\"\u003e\u003ccode\u003ed580d3e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1298\"\u003e#1298\u003c/a\u003e from ajv-validator/fix-url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fd363896a8d6c5697b5da41f4d9a400a84efaf8e\"\u003e\u003ccode\u003efd36389\u003c/code\u003e\u003c/a\u003e fix: regular expression for \u0026quot;url\u0026quot; format\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/4.11.8...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `request` from 2.81.0 to 2.88.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/request/request/blob/master/CHANGELOG.md\"\u003erequest's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChange Log\u003c/h2\u003e\n\u003ch3\u003ev2.88.0 (2018/08/10)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2996\"\u003e#2996\u003c/a\u003e fix(uuid): import versioned uuid (\u003ca href=\"https://github.com/kwonoj\"\u003e\u003ccode\u003e@​kwonoj\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2994\"\u003e#2994\u003c/a\u003e Update to oauth-sign 0.9.0 (\u003ca href=\"https://github.com/dlecocq\"\u003e\u003ccode\u003e@​dlecocq\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2993\"\u003e#2993\u003c/a\u003e Fix header tests (\u003ca href=\"https://github.com/simov\"\u003e\u003ccode\u003e@​simov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2904\"\u003e#2904\u003c/a\u003e \u003ca href=\"https://redirect.github.com/request/request/issues/515\"\u003e#515\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/request/request/issues/2894\"\u003e#2894\u003c/a\u003e Strip port suffix from Host header if the protocol is known. (\u003ca href=\"https://redirect.github.com/request/request/issues/2904\"\u003e#2904\u003c/a\u003e) (\u003ca href=\"https://github.com/paambaati\"\u003e\u003ccode\u003e@​paambaati\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2791\"\u003e#2791\u003c/a\u003e Improve AWS SigV4 support. (\u003ca href=\"https://redirect.github.com/request/request/issues/2791\"\u003e#2791\u003c/a\u003e) (\u003ca href=\"https://github.com/vikhyat\"\u003e\u003ccode\u003e@​vikhyat\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2977\"\u003e#2977\u003c/a\u003e Update test certificates (\u003ca href=\"https://github.com/simov\"\u003e\u003ccode\u003e@​simov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.87.0 (2018/05/21)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2943\"\u003e#2943\u003c/a\u003e Replace hawk dependency with a local implemenation (\u003ca href=\"https://redirect.github.com/request/request/issues/2943\"\u003e#2943\u003c/a\u003e) (\u003ca href=\"https://github.com/hueniverse\"\u003e\u003ccode\u003e@​hueniverse\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.86.0 (2018/05/15)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2885\"\u003e#2885\u003c/a\u003e Remove redundant code (for Node.js 0.9.4 and below) and dependency (\u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2942\"\u003e#2942\u003c/a\u003e Make Test GREEN Again! (\u003ca href=\"https://github.com/simov\"\u003e\u003ccode\u003e@​simov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2923\"\u003e#2923\u003c/a\u003e Alterations for failing CI tests (\u003ca href=\"https://github.com/gareth-robinson\"\u003e\u003ccode\u003e@​gareth-robinson\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.85.0 (2018/03/12)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2880\"\u003e#2880\u003c/a\u003e Revert \u0026quot;Update hawk to 7.0.7 (\u003ca href=\"https://redirect.github.com/request/request/issues/2880\"\u003e#2880\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://github.com/simov\"\u003e\u003ccode\u003e@​simov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.84.0 (2018/03/12)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2793\"\u003e#2793\u003c/a\u003e Fixed calculation of oauth_body_hash, issue \u003ca href=\"https://redirect.github.com/request/request/issues/2792\"\u003e#2792\u003c/a\u003e (\u003ca href=\"https://github.com/dvishniakov\"\u003e\u003ccode\u003e@​dvishniakov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2880\"\u003e#2880\u003c/a\u003e Update hawk to 7.0.7 (\u003ca href=\"https://redirect.github.com/request/request/issues/2880\"\u003e#2880\u003c/a\u003e) (\u003ca href=\"https://github.com/kornel-kedzierski\"\u003e\u003ccode\u003e@​kornel-kedzierski\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.83.0 (2017/09/27)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2776\"\u003e#2776\u003c/a\u003e Updating tough-cookie due to security fix. (\u003ca href=\"https://redirect.github.com/request/request/issues/2776\"\u003e#2776\u003c/a\u003e) (\u003ca href=\"https://github.com/karlnorling\"\u003e\u003ccode\u003e@​karlnorling\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.82.0 (2017/09/19)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2703\"\u003e#2703\u003c/a\u003e Add Node.js v8 to Travis CI (\u003ca href=\"https://github.com/ryysud\"\u003e\u003ccode\u003e@​ryysud\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2751\"\u003e#2751\u003c/a\u003e Update of hawk and qs to latest version (\u003ca href=\"https://redirect.github.com/request/request/issues/2751\"\u003e#2751\u003c/a\u003e) (\u003ca href=\"https://github.com/Olivier-Moreau\"\u003e\u003ccode\u003e@​Olivier-Moreau\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2658\"\u003e#2658\u003c/a\u003e Fixed some text in README.md (\u003ca href=\"https://redirect.github.com/request/request/issues/2658\"\u003e#2658\u003c/a\u003e) (\u003ca href=\"https://github.com/Marketionist\"\u003e\u003ccode\u003e@​Marketionist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2635\"\u003e#2635\u003c/a\u003e chore(package): update aws-sign2 to version 0.7.0 (\u003ca href=\"https://redirect.github.com/request/request/issues/2635\"\u003e#2635\u003c/a\u003e) (\u003ca href=\"https://github.com/greenkeeperio-bot\"\u003e\u003ccode\u003e@​greenkeeperio-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2641\"\u003e#2641\u003c/a\u003e Update README to simplify \u0026amp; update convenience methods (\u003ca href=\"https://redirect.github.com/request/request/issues/2641\"\u003e#2641\u003c/a\u003e) (\u003ca href=\"https://github.com/FredKSchott\"\u003e\u003ccode\u003e@​FredKSchott\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2541\"\u003e#2541\u003c/a\u003e Add convenience method for HTTP OPTIONS (\u003ca href=\"https://redirect.github.com/request/request/issues/2541\"\u003e#2541\u003c/a\u003e) (\u003ca href=\"https://github.com/jamesseanwright\"\u003e\u003ccode\u003e@​jamesseanwright\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2605\"\u003e#2605\u003c/a\u003e Add promise support section to README (\u003ca href=\"https://redirect.github.com/request/request/issues/2605\"\u003e#2605\u003c/a\u003e) (\u003ca href=\"https://github.com/FredKSchott\"\u003e\u003ccode\u003e@​FredKSchott\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2579\"\u003e#2579\u003c/a\u003e refactor(lint): replace eslint with standard (\u003ca href=\"https://redirect.github.com/request/request/issues/2579\"\u003e#2579\u003c/a\u003e) (\u003ca href=\"https://github.com/ahmadnassri\"\u003e\u003ccode\u003e@​ahmadnassri\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2598\"\u003e#2598\u003c/a\u003e Update codecov to version 2.0.2 🚀 (\u003ca href=\"https://github.com/greenkeeperio-bot\"\u003e\u003ccode\u003e@​greenkeeperio-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2590\"\u003e#2590\u003c/a\u003e Adds test-timing keepAlive test (\u003ca href=\"https://github.com/nicjansma\"\u003e\u003ccode\u003e@​nicjansma\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2589\"\u003e#2589\u003c/a\u003e fix tabulation on request example README.MD (\u003ca href=\"https://github.com/odykyi\"\u003e\u003ccode\u003e@​odykyi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2594\"\u003e#2594\u003c/a\u003e chore(dependencies): har-validator to 5.x [removes babel dep] (\u003ca href=\"https://github.com/ahmadnassri\"\u003e\u003ccode\u003e@​ahmadnassri\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/request/request/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 0.9.2 to 2.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/29a7bc4c817cbd87c8f5940fbeff32e879457b89\"\u003e\u003ccode\u003e29a7bc4\u003c/code\u003e\u003c/a\u003e Bump to v2.4.2.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/e21e993729861a2bc1d01c858cfabce7a27d2861\"\u003e\u003ccode\u003ee21e993\u003c/code\u003e\u003c/a\u003e Update v2.4.1 docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/0af1a854428b94621527d555d9243b1dc50790f8\"\u003e\u003ccode\u003e0af1a85\u003c/code\u003e\u003c/a\u003e Bump to v2.4.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/10e7bb97ee9f7fb863d7674f8433a215e1dff7a2\"\u003e\u003ccode\u003e10e7bb9\u003c/code\u003e\u003c/a\u003e Add comments to \u003ccode\u003ebaseBind\u003c/code\u003e use of \u003ccode\u003earguments\u003c/code\u003e. [ci skip] [closes \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/416\"\u003e#416\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/c319bbc5f39a28ade36a3b149274be6c077583d4\"\u003e\u003ccode\u003ec319bbc\u003c/code\u003e\u003c/a\u003e Ensure \u003ccode\u003e_.isEqual\u003c/code\u003e performs comparisons between objects with shared property ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9e42f70e5f600ece63926a241ba20bd0f233df37\"\u003e\u003ccode\u003e9e42f70\u003c/code\u003e\u003c/a\u003e Add more \u003ccode\u003elodashBadShim\u003c/code\u003e tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/ff47152187c996015ecc3f834e64903538704c51\"\u003e\u003ccode\u003eff47152\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003emax-duration\u003c/code\u003e option to sauce config.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/94b6ce5ca09dec53f9b8613ce98c23552ef104ab\"\u003e\u003ccode\u003e94b6ce5\u003c/code\u003e\u003c/a\u003e Excuse some underscore \u003ccode\u003e_.debounce\u003c/code\u003e and \u003ccode\u003e_.throttle\u003c/code\u003e tests in sauce.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/8e1020f13447848c9bae83b694c4f9c67b97c62b\"\u003e\u003ccode\u003e8e1020f\u003c/code\u003e\u003c/a\u003e Tweak \u003ccode\u003e_.now\u003c/code\u003e unit test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/be7a0fef4155cc4552276e81152f5e1cfd92271d\"\u003e\u003ccode\u003ebe7a0fe\u003c/code\u003e\u003c/a\u003e Increase sauce idle-timeout from the default of \u003ccode\u003e90\u003c/code\u003e to \u003ccode\u003e300\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/0.9.2...2.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 0.2.14 to 0.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/8970f0f8e07f7cd2f20b09c1c9340f4ffbed573c\"\u003e\u003ccode\u003e8970f0f\u003c/code\u003e\u003c/a\u003e v0.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b5114a7c0976b22069637f5613ca87d393e0154f\"\u003e\u003ccode\u003eb5114a7\u003c/code\u003e\u003c/a\u003e minimatch.match: make options optional\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9be6a33c5791e753c197594361cd3393c6cf7c14\"\u003e\u003ccode\u003e9be6a33\u003c/code\u003e\u003c/a\u003e Relax minimatch.match about 'option' argument\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/e9c0af6d429056db0c785747f98045781ea8f3c2\"\u003e\u003ccode\u003ee9c0af6\u003c/code\u003e\u003c/a\u003e Expand comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/460b8de51be595c2567634c404c5ab08204fc09f\"\u003e\u003ccode\u003e460b8de\u003c/code\u003e\u003c/a\u003e Rename splitFile to filename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/a5223cc2afbd5688ad07a50697e9efb6cef5a200\"\u003e\u003ccode\u003ea5223cc\u003c/code\u003e\u003c/a\u003e Look up basename using already split segments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/6517bde435dc393c365b241d92f70b17d0606c14\"\u003e\u003ccode\u003e6517bde\u003c/code\u003e\u003c/a\u003e Clarify nonull documentation\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v0.2.14...v0.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bl` from 0.9.5 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rvagg/bl/releases\"\u003ebl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003cp\u003eFix unintialized memory access\u003c/p\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove false-positive Apache-exploit (Fixes \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/79\"\u003e#79\u003c/a\u003e). \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/80\"\u003e#80\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003cp\u003eFix unintialized memory access\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ereadable-stream@3 \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/57\"\u003e#57\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003cp\u003eFix unintialized memory access\u003c/p\u003e\n\u003ch2\u003ev2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd indexOf docs \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/60\"\u003e#60\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix empty shallowSlice return \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/65\"\u003e#65\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse ES3 only \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/62\"\u003e#62\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse native indexOf whenever possible \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/61\"\u003e#61\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded indexOf \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/59\"\u003e#59\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003erequire('readable-stream').Duplex\u003c/code\u003e \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/56\"\u003e#56\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for readUIntLE and companions \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/55\"\u003e#55\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse safe-buffer \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/51\"\u003e#51\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eshallowSlice\u003c/code\u003e when the offset are not at the beginning of an internal buffer \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/44\"\u003e#44\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rvagg/bl/blob/master/CHANGELOG.md\"\u003ebl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.5...v6.1.6\"\u003e6.1.6\u003c/a\u003e (2025-12-04)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/setup-node from 6.0.0 to 6.1.0 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/163\"\u003e#163\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/c51e63d1ad01426135f79b09c5a355c4c4fd9df0\"\u003ec51e63d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.4...v6.1.5\"\u003e6.1.5\u003c/a\u003e (2025-11-24)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/162\"\u003e#162\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/823100e600b477b58e425b2fa714f66725d32b2a\"\u003e823100e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.3...v6.1.4\"\u003e6.1.4\u003c/a\u003e (2025-10-15)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/setup-node from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/161\"\u003e#161\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/4f23fa9e1ef6053fe30d37a4f5b7c1a73156cfb9\"\u003e4f23fa9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.2...v6.1.3\"\u003e6.1.3\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/setup-node from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/159\"\u003e#159\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/530e36f1b894dde916b5d453a7b276e4b7fb0223\"\u003e530e36f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.1...v6.1.2\"\u003e6.1.2\u003c/a\u003e (2025-08-12)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/158\"\u003e#158\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/28a385240073abe68517d56d18b442d55b16ebe9\"\u003e28a3852\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.0...v6.1.1\"\u003e6.1.1\u003c/a\u003e (2025-08-01)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps-dev:\u003c/strong\u003e bump typescript from 5.8.3 to 5.9.2 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/157\"\u003e#157\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/70f4e160c3146748ed71217b842bab27c04c70ca\"\u003e70f4e16\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.0.20...v6.1.0\"\u003e6.1.0\u003c/a\u003e (2025-03-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded prepend and getBuffers methods. (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/154\"\u003e#154\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/e9eda9549b1235af16afbe0c721f92e705109663\"\u003ee9eda95\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.0.19...v6.0.20\"\u003e6.0.20\u003c/a\u003e (2025-03-03)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps-dev:\u003c/strong\u003e bump typescript from 5.7.3 to 5.8.2 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/153\"\u003e#153\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/9291cf9ec4b3cdef8c5779c73247844f48943c02\"\u003e9291cf9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.0.18...v6.0.19\"\u003e6.0.19\u003c/a\u003e (2025-01-28)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/75052a573fcc5174190799f87503cf5da8f6022f\"\u003e\u003ccode\u003e75052a5\u003c/code\u003e\u003c/a\u003e 4.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/88f4f431aea835cab0da4ed33bff452f1568d28d\"\u003e\u003ccode\u003e88f4f43\u003c/code\u003e\u003c/a\u003e Add default read offsets for Node Buffer compatibility (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/bd6fea1f5cf2b428a5203a39e7bfb6ce81d1e65f\"\u003e\u003ccode\u003ebd6fea1\u003c/code\u003e\u003c/a\u003e 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/83f5f045c6e4d4e2df813400339271dcf1ae9d22\"\u003e\u003ccode\u003e83f5f04\u003c/code\u003e\u003c/a\u003e test: add v15 to travis\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/9aa0b029fe1a11f1c8d9c4c7dbaaafb93ec7af94\"\u003e\u003ccode\u003e9aa0b02\u003c/code\u003e\u003c/a\u003e Adds travis jobs on ppc64le\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/4aada6d440b69571a521977547a6d665270fae90\"\u003e\u003ccode\u003e4aada6d\u003c/code\u003e\u003c/a\u003e fix: duplicate license field (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/449a545b46f4a4d4c58d1cd30b1aa2221e32fac7\"\u003e\u003ccode\u003e449a545\u003c/code\u003e\u003c/a\u003e test all branches\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/f659836cc84211cad41b73bad89c78f7f874c626\"\u003e\u003ccode\u003ef659836\u003c/code\u003e\u003c/a\u003e Bumped v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/7a4ae7f818a4ceba234f3d186a1ffb3f0a34ad0c\"\u003e\u003ccode\u003e7a4ae7f\u003c/code\u003e\u003c/a\u003e Node v14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190\"\u003e\u003ccode\u003ed3e240e\u003c/code\u003e\u003c/a\u003e Fix unintialized memory access\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rvagg/bl/compare/v0.9.5...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~matteo.collina\"\u003ematteo.collina\u003c/a\u003e, a new releaser for bl since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `deep-extend` from 0.4.2 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unclechu/node-deep-extend/blob/master/CHANGELOG.md\"\u003edeep-extend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated \u0026quot;devDependencies\u0026quot; versions to fix vulnerability alerts\u003c/li\u003e\n\u003cli\u003eDropped support of io.js and node.js v0.12.x and lower since new versions of\n\u0026quot;devDependencies\u0026quot; couldn't work with those old node.js versions\n(minimal supported version of node.js now is v4.0.0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution vulnerability (thanks to \u003ca href=\"https://github.com/mwakerman\"\u003e\u003ccode\u003e@​mwakerman\u003c/code\u003e\u003c/a\u003e for the PR)\u003c/li\u003e\n\u003cli\u003eAvoid using deprecated Buffer API (thanks to \u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e for the PR)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAuto-testing provided by Travis CI;\u003c/li\u003e\n\u003cli\u003eSupport older Node.JS versions (\u003ccode\u003ev0.11.x\u003c/code\u003e and \u003ccode\u003ev0.10.x\u003c/code\u003e);\u003c/li\u003e\n\u003cli\u003eRemoved tests files from npm package.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/f3f2b4f30fffe8abc9a99a7d6469fb354ca206e9\"\u003e\u003ccode\u003ef3f2b4f\u003c/code\u003e\u003c/a\u003e more versions of node.js to test by travis-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/3d852537d92b7d1382db85128ba7d7ce5fb06df3\"\u003e\u003ccode\u003e3d85253\u003c/code\u003e\u003c/a\u003e package.json: updated \u0026quot;engines\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/8b8aef9074b67a4689ab681d3c19deacc1bb0cc7\"\u003e\u003ccode\u003e8b8aef9\u003c/code\u003e\u003c/a\u003e dropped support of old node.js versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/120fd97d3407f0754e69442ad65ee9531462a6e6\"\u003e\u003ccode\u003e120fd97\u003c/code\u003e\u003c/a\u003e increased \u0026quot;devDependencies\u0026quot; (mocha) up enough to fix vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/235821ae6d53c500909f76001e20f9faa8795d15\"\u003e\u003ccode\u003e235821a\u003c/code\u003e\u003c/a\u003e decreasing versions of \u0026quot;devDependencies\u0026quot; to fix tests for older node versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/a1eb0eb0ad0e124f649f85fe5cacfe288ea01293\"\u003e\u003ccode\u003ea1eb0eb\u003c/code\u003e\u003c/a\u003e README: removed \u0026quot;download\u0026quot; stats badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/7bebe7545251b7cf1f6f96ff630bb8bb53d09e89\"\u003e\u003ccode\u003e7bebe75\u003c/code\u003e\u003c/a\u003e CHANGELOG: info for 0.5.2 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/16b328fc7b54dd22b0b77fa99ef7b281bee90c7b\"\u003e\u003ccode\u003e16b328f\u003c/code\u003e\u003c/a\u003e 0.5.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/0402225f7283392862e2f8c94dd33e1a849dc9cd\"\u003e\u003ccode\u003e0402225\u003c/code\u003e\u003c/a\u003e updated \u0026quot;devDependencies\u0026quot; to fix vulnerability alerts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/2e0110ed4c997bbd9bf29df1692d53494d9e90d4\"\u003e\u003ccode\u003e2e0110e\u003c/code\u003e\u003c/a\u003e prepared v0.5.1 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/unclechu/node-deep-extend/compare/v0.4.2...v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimist` from 1.2.0 to 1.2.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md\"\u003eminimist's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.7...v1.2.8\"\u003ev1.2.8\u003c/a\u003e - 2023-02-09\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/17\"\u003e\u003ccode\u003e[#17](https://github.com/minimistjs/minimist/issues/17)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/12\"\u003e\u003ccode\u003e[#12](https://github.com/minimistjs/minimist/issues/12)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/10\"\u003e\u003ccode\u003e[#10](https://github.com/minimistjs/minimist/issues/10)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/10\"\u003e#10\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix handling of short option with non-trivial equals \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/5\"\u003e\u003ccode\u003e[#5](https://github.com/minimistjs/minimist/issues/5)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tag 'v0.2.3' \u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/5368ca4147e974138a54cc0dc4cea8f756546b70\"\u003e\u003ccode\u003e5368ca4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/e5f5067259ceeaf0b098d14bec910f87e58708c7\"\u003e\u003ccode\u003ee5f5067\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/62fde7d935f83417fb046741531a9e2346a36976\"\u003e\u003ccode\u003e62fde7d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/36ac5d0d95e4947d074e5737d94814034ca335d1\"\u003e\u003ccode\u003e36ac5d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/73923d223553fca08b1ba77e3fbc2a492862ae4c\"\u003e\u003ccode\u003e73923d2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] add reusable workflows \u003ca href=\"https://github.com/minimistjs/minimist/commit/d80727df77bfa9e631044d7f16368d8f09242c91\"\u003e\u003ccode\u003ed80727d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] add eslint; rules to enable later are warnings \u003ca href=\"https://github.com/minimistjs/minimist/commit/48bc06a1b41f00e9cdf183db34f7a51ba70e98d4\"\u003e\u003ccode\u003e48bc06a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation \u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] rename and add badges \u003ca href=\"https://github.com/minimistjs/minimist/commit/5df0fe49211bd09a3636f8686a7cb3012c3e98f0\"\u003e\u003ccode\u003e5df0fe4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] switch from \u003ccode\u003ecovert\u003c/code\u003e to \u003ccode\u003enyc\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/a48b128fdb8d427dfb20a15273f83e38d97bef07\"\u003e\u003ccode\u003ea48b128\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ecovert\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e; remove unnecessary \u003ccode\u003etap\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/f0fb958e9a1fe980cdffc436a211b0bda58f621b\"\u003e\u003ccode\u003ef0fb958\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] create FUNDING.yml; add \u003ccode\u003efunding\u003c/code\u003e in package.json \u003ca href=\"https://github.com/minimistjs/minimist/commit/3639e0c819359a366387e425ab6eabf4c78d3caa\"\u003e\u003ccode\u003e3639e0c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] use \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file \u003ca href=\"https://github.com/minimistjs/minimist/commit/be2e038c342d8333b32f0fde67a0026b79c8150e\"\u003e\u003ccode\u003ebe2e038\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/minimistjs/minimist/commit/282b570e7489d01b03f2d6d3dabf79cd3e5f84cf\"\u003e\u003ccode\u003e282b570\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eisConstructorOrProto adapted from PR \u003ca href=\"https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11\"\u003e\u003ccode\u003eef9153f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/3124ed3e46306301ebb3c834874ce0241555c2c4\"\u003e\u003ccode\u003e3124ed3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/4b927de696d561c636b4f43bf49d4597cb36d6d6\"\u003e\u003ccode\u003e4b927de\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add \u003ccode\u003eaud\u003c/code\u003e in \u003ccode\u003eposttest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/b32d9bd0ab340f4e9f8c3a97ff2a4424f25fab8c\"\u003e\u003ccode\u003eb32d9bd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/minimistjs/minimist/commit/f9fdfc032c54884d9a9996a390c63cd0719bbe1a\"\u003e\u003ccode\u003ef9fdfc0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] Avoid 0.6 tests due to build failures \u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/950eaa74f112e04d23e9c606c67472c46739b473\"\u003e\u003ccode\u003e950eaa7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep \u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge tag 'v0.2.2' \u003ca href=\"https://github.com/minimistjs/minimist/commit/980d7ac61a0b4bd552711251ac107d506b23e41f\"\u003e\u003ccode\u003e980d7ac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.6...v1.2.7\"\u003ev1.2.7\u003c/a\u003e - 2022-10-10\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/6901ee286bc4c16da6830b48b46ce1574703cea1\"\u003e\u003ccode\u003e6901ee2\u003c/code\u003e\u003c/a\u003e v1.2.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e Merge tag 'v0.2.3'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/c0b26618322e94adea26c68e613ef0be482c6c63\"\u003e\u003ccode\u003ec0b2661\u003c/code\u003e\u003c/a\u003e v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/63b8fee87b8e7a003216d5d77ba5d6decf3cfb0d\"\u003e\u003ccode\u003e63b8fee\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/72239e6f0ea77d8be0ad4f682b7ae7d142144395\"\u003e\u003ccode\u003e72239e6\u003c/code\u003e\u003c/a\u003e [Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e [eslint] fix indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/9ec4d279ced72ea2f60237218e71cc03aa0dfdd6\"\u003e\u003ccode\u003e9ec4d27\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e [actions] Avoid 0.6 tests due to build failures\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.0...v1.2.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for minimist since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 2.1.4 to 2.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAdded \u003ccode\u003efilepath\u003c/code\u003e option\u003c/h2\u003e\n\u003cp\u003eThe \u003ccode\u003efilepath\u003c/code\u003e property overrides \u003ccode\u003efilename\u003c/code\u003e and may contain a relative path. This is typically used when uploading \u003ca href=\"https://wicg.github.io/entries-api/#dom-htmlinputelement-webkitdirectory\"\u003emultiple files from a directory\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sebdeckers\"\u003e\u003ccode\u003e@​sebdeckers\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/form-data/form-data/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `getobject` from 0.1.0 to 1.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cowboy/node-getobject/releases\"\u003egetobject's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/8\"\u003e#8\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/path-parse-1.0.7  6f86cf7\u003c/li\u003e\n\u003cli\u003eBump path-parse from 1.0.6 to 1.0.7  6e79841\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/cowboy/node-getobject/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate deps  141e3a5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/7\"\u003e#7\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/hosted-git-info-2.8.9  c97cf3e\u003c/li\u003e\n\u003cli\u003eBump hosted-git-info from 2.8.8 to 2.8.9  201e91b\u003c/li\u003e\n\u003cli\u003eUpdate dev deps  5ffb873\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/cowboy/node-getobject/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/46e55ec15488e995fe61aaf4f91f9264bb5ff36b\"\u003e\u003ccode\u003e46e55ec\u003c/code\u003e\u003c/a\u003e 1.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/6f86cf76f9194ca7ec28a6990717670af47b44dd\"\u003e\u003ccode\u003e6f86cf7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/8\"\u003e#8\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/path-parse-1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/6e7984192ba239a82b5eb606feabb56a11c3c4eb\"\u003e\u003ccode\u003e6e79841\u003c/code\u003e\u003c/a\u003e Bump path-parse from 1.0.6 to 1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/84bd719a3d77a44a22d6d7fa70707659c668d4f2\"\u003e\u003ccode\u003e84bd719\u003c/code\u003e\u003c/a\u003e 1.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/141e3a580adc253e145ca2b7fa909e12244ac836\"\u003e\u003ccode\u003e141e3a5\u003c/code\u003e\u003c/a\u003e Update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/c97cf3e1eb18069d3426a5ec2b4dd5c1e15412a7\"\u003e\u003ccode\u003ec97cf3e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/7\"\u003e#7\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/hosted-git-info-2.8.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/201e91b7ba81a7d820db857c00e8de1ed36fee5e\"\u003e\u003ccode\u003e201e91b\u003c/code\u003e\u003c/a\u003e Bump hosted-git-info from 2.8.8 to 2.8.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/5ffb873fc3197506d7c825d342a07e394300b80c\"\u003e\u003ccode\u003e5ffb873\u003c/code\u003e\u003c/a\u003e Update dev deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/92e0d1f0400a4ff87a91c3569f84768c6c7b3efb\"\u003e\u003ccode\u003e92e0d1f\u003c/code\u003e\u003c/a\u003e 1.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/6828cb984bf73bddd29208bf40ff10cd370e09c1\"\u003e\u003ccode\u003e6828cb9\u003c/code\u003e\u003c/a\u003e README updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cowboy/node-getobject/compare/v0.1.0...v1.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~vladikoff\"\u003evladikoff\u003c/a\u003e, a new releaser for getobject since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ini` from 1.3.4 to 1.3.8\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/a2c5da86604bc2238fe393c5ff083bf23a9910eb\"\u003e\u003ccode\u003ea2c5da8\u003c/code\u003e\u003c/a\u003e 1.3.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/af5c6bb5dca6f0248c153aa87e25bddfc515ff6e\"\u003e\u003ccode\u003eaf5c6bb\u003c/code\u003e\u003c/a\u003e Do not use Object.create(null)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/8b648a1ac49e1b3b7686ea957e0b95e544bc6ec1\"\u003e\u003ccode\u003e8b648a1\u003c/code\u003e\u003c/a\u003e don't test where our devdeps don't even work\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/c74c8af35f32b801a7e82a8309eab792a95932f6\"\u003e\u003ccode\u003ec74c8af\u003c/code\u003e\u003c/a\u003e 1.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/024b8b55ac1c980c6225607b007714c54eb501ba\"\u003e\u003ccode\u003e024b8b5\u003c/code\u003e\u003c/a\u003e update deps, add linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/032fbaf5f0b98fce70c8cc380e0d05177a9c9073\"\u003e\u003ccode\u003e032fbaf\u003c/code\u003e\u003c/a\u003e Use Object.create(null) to avoid default object property hazards\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/2da90391ef70db41d10f013e3a87f9a8c5d01a72\"\u003e\u003ccode\u003e2da9039\u003c/code\u003e\u003c/a\u003e 1.3.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/cfea636f534b5ca7550d2c28b7d1a95d936d56c6\"\u003e\u003ccode\u003ecfea636\u003c/code\u003e\u003c/a\u003e better git push script, before publish instead of after\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1\"\u003e\u003ccode\u003e56d2805\u003c/code\u003e\u003c/a\u003e do not allow invalid hazardous string as section name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/738eca59d77d8cfdddf5c477c17a0d8f8fbfe0fd\"\u003e\u003ccode\u003e738eca5\u003c/code\u003e\u003c/a\u003e v1.3.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/ini/compare/v1.3.4...v1.3.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for ini since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 2.0.5 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/37caaad57dc37d350d9a4577a5da53f482bb2983\"\u003e\u003ccode\u003e37caaad\u003c/code\u003e\u003c/a\u003e 3.14.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/094c0f7a79e6ff9e2b4d50b22686d2586894b58f\"\u003e\u003ccode\u003e094c0f7\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9586ebe23298427d26b3479979bd6499bf3a14c2\"\u003e\u003ccode\u003e9586ebe\u003c/code\u003e\u003c/a\u003e Avoid calling hasOwnProperty of user-controlled objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/34e5072f43fd36b08aaaad433da73c10d47c41e5\"\u003e\u003ccode\u003e34e5072\u003c/code\u003e\u003c/a\u003e 3.14.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/7b25c83a6dc77097c2bf14bf714e168f60ee199b\"\u003e\u003ccode\u003e7b25c83\u003c/code\u003e\u003c/a\u003e Browser files rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/6f7347396867b8dcfc042722c2aae810dfe4caae\"\u003e\u003ccode\u003e6f73473\u003c/code\u003e\u003c/a\u003e Dev deps bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0c293491d903cddcd41b41c165bc45eeb9a8d720\"\u003e\u003ccode\u003e0c29349\u003c/code\u003e\u003c/a\u003e Travis-CI: drop old nodejs versions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/2.0.5...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `json-schema` from 0.2.3 to 0.4.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa\"\u003e\u003ccode\u003ef6f6a3b\u003c/code\u003e\u003c/a\u003e Use a little more robust method of checking instances\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/ef60987a9a14b9d9c739384460044ba53cd9b9a2\"\u003e\u003ccode\u003eef60987\u003c/code\u003e\u003c/a\u003e Update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a\"\u003e\u003ccode\u003eb62f1da\u003c/code\u003e\u003c/a\u003e Protect against constructor modification, \u003ca href=\"https://redirect.github.com/kriszyp/json-schema/issues/84\"\u003e#84\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/fb427cd4d175684786e4b2538718e72453e825e9\"\u003e\u003ccode\u003efb427cd\u003c/code\u003e\u003c/a\u003e Link to json-schema-org repository in addition to site, fixes \u003ca href=\"https://redirect.github.com/kriszyp/json-schema/issues/54\"\u003e#54\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741\"\u003e\u003ccode\u003e22f1461\u003c/code\u003e\u003c/a\u003e Don't allow \u003cstrong\u003eproto\u003c/strong\u003e property to be used for schema default/coerce, fixes \u003ca href=\"https://redirect.github.com/kriszyp/json-schema/issues/84\"\u003e#84\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/c52a27c653428149e4f9fb776d5e110d04639a9c\"\u003e\u003ccode\u003ec52a27c\u003c/code\u003e\u003c/a\u003e Get basic test to pass\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/b3f42b3331608fe83b6cc267c5fc513ec1b839ed\"\u003e\u003ccode\u003eb3f42b3\u003c/code\u003e\u003c/a\u003e Add security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/3b0cec3042a5aac5c967fd43475f5edc4c5b6eff\"\u003e\u003ccode\u003e3b0cec3\u003c/code\u003e\u003c/a\u003e Update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/c28470f2d64bace29c73d140f9c6876e3c3a9fef\"\u003e\u003ccode\u003ec28470f\u003c/code\u003e\u003c/a\u003e Update readme to acknowledge the state of the package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/7dff9cd2c35c31ff3c43fa4e38737c94283dd3d3\"\u003e\u003ccode\u003e7dff9cd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://re...\n\n_Description has been truncated_","html_url":"https://github.com/luislobo/photon/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/luislobo%2Fphoton/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4197400780","node_id":"PR_kwDODn5Zn87PsIoJ","number":10,"state":"closed","title":"Bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-02T23:35:18.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-02T23:11:41.000Z","updated_at":"2026-04-02T23:35:20.000Z","time_to_close":1417,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.19.2","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.19.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.19.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/joshmu/grant-scraper-api/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/joshmu/grant-scraper-api/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/joshmu%2Fgrant-scraper-api/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4183359193","node_id":"PR_kwDOG1BSP87PHH9t","number":33,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-01T01:20:00.000Z","updated_at":"2026-04-01T14:33:44.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"@babel/traverse","old_version":"7.9.0","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"async","old_version":"2.6.3","new_version":"2.6.4","repository_url":"https://github.com/caolan/async"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"json5","old_version":"2.1.2","new_version":"2.2.3","repository_url":"https://github.com/json5/json5"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimist","old_version":"1.2.5","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"plist","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/TooTallNate/node-plist"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"simple-plist","old_version":"1.1.0","new_version":"1.3.1","repository_url":"https://github.com/wollardj/simple-plist"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.9.0` | `7.29.0` |\n| [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `2.1.2` | `2.2.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [plist](https://github.com/TooTallNate/node-plist) | `3.0.1` | `3.1.0` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.14.1` | `1.16.3` |\n| [simple-plist](https://github.com/wollardj/simple-plist) | `1.1.0` | `1.3.1` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 13 updates in the /example directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.2.3` | `7.29.0` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.0.0` | `4.1.1` |\n| [async](https://github.com/caolan/async) | `2.6.1` | `2.6.4` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` |\n| [json5](https://github.com/json5/json5) | `2.1.0` | `2.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.15` | `4.17.23` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.1` | `4.7.9` |\n| [semver](https://github.com/npm/node-semver) | `5.6.0` | `5.7.2` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n\n\nUpdates `@babel/traverse` from 7.9.0 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `async` from 2.6.3 to 2.6.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md\"\u003easync's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev2.6.4\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential prototype pollution exploit (\u003ca href=\"https://redirect.github.com/caolan/async/issues/1828\"\u003e#1828\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/c6bdaca4f9175c14fc655d3783c6af6a883e6514\"\u003e\u003ccode\u003ec6bdaca\u003c/code\u003e\u003c/a\u003e Version 2.6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/8870da9d5022bab310413041b4079e10db3980b7\"\u003e\u003ccode\u003e8870da9\u003c/code\u003e\u003c/a\u003e Update built files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/4df6754ef4e96a742956df8782fee27242a2ea12\"\u003e\u003ccode\u003e4df6754\u003c/code\u003e\u003c/a\u003e update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2\"\u003e\u003ccode\u003e8f7f903\u003c/code\u003e\u003c/a\u003e Fix prototype pollution vulnerability (\u003ca href=\"https://redirect.github.com/caolan/async/issues/1828\"\u003e#1828\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/caolan/async/compare/v2.6.3...v2.6.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~hargasinski\"\u003ehargasinski\u003c/a\u003e, a new releaser for async since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `decode-uri-component` from 0.2.0 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/releases\"\u003edecode-uri-component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent overwriting previously decoded tokens  980e0bf\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to GitHub workflows  76abc93\u003c/li\u003e\n\u003cli\u003eFix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e  746ca5d\u003c/li\u003e\n\u003cli\u003eUpdate license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)  486d7e2\u003c/li\u003e\n\u003cli\u003eTidelift tasks  a650457\u003c/li\u003e\n\u003cli\u003eMeta tweaks  66e1c28\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb\"\u003e\u003ccode\u003ea0eea46\u003c/code\u003e\u003c/a\u003e 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152\"\u003e\u003ccode\u003e980e0bf\u003c/code\u003e\u003c/a\u003e Prevent overwriting previously decoded tokens\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33\"\u003e\u003ccode\u003e3c8a373\u003c/code\u003e\u003c/a\u003e 0.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3\"\u003e\u003ccode\u003e76abc93\u003c/code\u003e\u003c/a\u003e Switch to GitHub workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9\"\u003e\u003ccode\u003e746ca5d\u003c/code\u003e\u003c/a\u003e Fix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30\"\u003e\u003ccode\u003e486d7e2\u003c/code\u003e\u003c/a\u003e Update license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134\"\u003e\u003ccode\u003ea650457\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02\"\u003e\u003ccode\u003e66e1c28\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.13.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/37caaad57dc37d350d9a4577a5da53f482bb2983\"\u003e\u003ccode\u003e37caaad\u003c/code\u003e\u003c/a\u003e 3.14.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/094c0f7a79e6ff9e2b4d50b22686d2586894b58f\"\u003e\u003ccode\u003e094c0f7\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9586ebe23298427d26b3479979bd6499bf3a14c2\"\u003e\u003ccode\u003e9586ebe\u003c/code\u003e\u003c/a\u003e Avoid calling hasOwnProperty of user-controlled objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/34e5072f43fd36b08aaaad433da73c10d47c41e5\"\u003e\u003ccode\u003e34e5072\u003c/code\u003e\u003c/a\u003e 3.14.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/7b25c83a6dc77097c2bf14bf714e168f60ee199b\"\u003e\u003ccode\u003e7b25c83\u003c/code\u003e\u003c/a\u003e Browser files rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/6f7347396867b8dcfc042722c2aae810dfe4caae\"\u003e\u003ccode\u003e6f73473\u003c/code\u003e\u003c/a\u003e Dev deps bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0c293491d903cddcd41b41c165bc45eeb9a8d720\"\u003e\u003ccode\u003e0c29349\u003c/code\u003e\u003c/a\u003e Travis-CI: drop old nodejs versions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.13.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `json5` from 2.1.2 to 2.2.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/json5/json5/releases\"\u003ejson5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Properties with the name \u003ccode\u003e__proto__\u003c/code\u003e are added to objects and arrays.\n(\u003ca href=\"https://redirect.github.com/json5/json5/issues/199\"\u003e#199\u003c/a\u003e) This also fixes a prototype pollution vulnerability reported by\nJonathan Gregson! (\u003ca href=\"https://redirect.github.com/json5/json5/issues/295\"\u003e#295\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Removed dependence on minimist to patch CVE-2021-44906. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Accurate and documented TypeScript declarations are now included. There is no need to install \u003ccode\u003e@types/json5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/236\"\u003e#236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.1.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: An out of memory bug when parsing numbers has been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/228\"\u003e#228\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/json5/json5/blob/main/CHANGELOG.md\"\u003ejson5's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003ev2.2.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.2...v2.2.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: json5@2.2.3 is now the 'latest' release according to npm instead of\nv1.0.2. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.2 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.2\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.1...v2.2.2\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Properties with the name \u003ccode\u003e__proto__\u003c/code\u003e are added to objects and arrays.\n(\u003ca href=\"https://redirect.github.com/json5/json5/issues/199\"\u003e#199\u003c/a\u003e) This also fixes a prototype pollution vulnerability reported by\nJonathan Gregson! (\u003ca href=\"https://redirect.github.com/json5/json5/issues/295\"\u003e#295\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.1 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.1\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.0...v2.2.1\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Removed dependence on minimist to patch CVE-2021-44906. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.0 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.0\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.3...v2.2.0\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Accurate and documented TypeScript declarations are now included. There\nis no need to install \u003ccode\u003e@types/json5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/236\"\u003e#236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.1.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: An out of memory bug when parsing numbers has been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/228\"\u003e#228\u003c/a\u003e,\n\u003ca href=\"https://redirect.github.com/json5/json5/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/c3a75242772a5026a49c4017a16d9b3543b62776\"\u003e\u003ccode\u003ec3a7524\u003c/code\u003e\u003c/a\u003e 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/94fd06d82eeed225fa172f6fb2ca27375cbd2e39\"\u003e\u003ccode\u003e94fd06d\u003c/code\u003e\u003c/a\u003e docs: update CHANGELOG for v2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/3b8cebf0c474a8b20c78bd75c89cca0c4dce84ce\"\u003e\u003ccode\u003e3b8cebf\u003c/code\u003e\u003c/a\u003e docs(security): use GitHub security advisories\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/f0fd9e194dde282caff114a110f4fac635f3a62c\"\u003e\u003ccode\u003ef0fd9e1\u003c/code\u003e\u003c/a\u003e docs: publish a security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/6a91a05fffeda16ff6b3b5008b6b340d42d31ec0\"\u003e\u003ccode\u003e6a91a05\u003c/code\u003e\u003c/a\u003e docs(template): bug -\u0026gt; bug report\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/14f8cb186e8abdfaccf6527171da7b1224374650\"\u003e\u003ccode\u003e14f8cb1\u003c/code\u003e\u003c/a\u003e 2.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/10cc7ca9169b59c5e0f5afc03dbd870cd06bcc46\"\u003e\u003ccode\u003e10cc7ca\u003c/code\u003e\u003c/a\u003e docs: update CHANGELOG for v2.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8\"\u003e\u003ccode\u003e7774c10\u003c/code\u003e\u003c/a\u003e fix: add \u003cstrong\u003eproto\u003c/strong\u003e to objects and arrays\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/edde30abd8b22facf2c06c72586b9f6edf12700d\"\u003e\u003ccode\u003eedde30a\u003c/code\u003e\u003c/a\u003e Readme: slight tweak to intro\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/97286f8bd542c89dcee096bc05dd28ed2dfc1e16\"\u003e\u003ccode\u003e97286f8\u003c/code\u003e\u003c/a\u003e Improve example in readme\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.0.4 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimist` from 1.2.5 to 1.2.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md\"\u003eminimist's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.7...v1.2.8\"\u003ev1.2.8\u003c/a\u003e - 2023-02-09\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/17\"\u003e\u003ccode\u003e[#17](https://github.com/minimistjs/minimist/issues/17)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/12\"\u003e\u003ccode\u003e[#12](https://github.com/minimistjs/minimist/issues/12)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/10\"\u003e\u003ccode\u003e[#10](https://github.com/minimistjs/minimist/issues/10)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/10\"\u003e#10\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix handling of short option with non-trivial equals \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/5\"\u003e\u003ccode\u003e[#5](https://github.com/minimistjs/minimist/issues/5)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tag 'v0.2.3' \u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/5368ca4147e974138a54cc0dc4cea8f756546b70\"\u003e\u003ccode\u003e5368ca4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/e5f5067259ceeaf0b098d14bec910f87e58708c7\"\u003e\u003ccode\u003ee5f5067\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/62fde7d935f83417fb046741531a9e2346a36976\"\u003e\u003ccode\u003e62fde7d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/36ac5d0d95e4947d074e5737d94814034ca335d1\"\u003e\u003ccode\u003e36ac5d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/73923d223553fca08b1ba77e3fbc2a492862ae4c\"\u003e\u003ccode\u003e73923d2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] add reusable workflows \u003ca href=\"https://github.com/minimistjs/minimist/commit/d80727df77bfa9e631044d7f16368d8f09242c91\"\u003e\u003ccode\u003ed80727d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] add eslint; rules to enable later are warnings \u003ca href=\"https://github.com/minimistjs/minimist/commit/48bc06a1b41f00e9cdf183db34f7a51ba70e98d4\"\u003e\u003ccode\u003e48bc06a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation \u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] rename and add badges \u003ca href=\"https://github.com/minimistjs/minimist/commit/5df0fe49211bd09a3636f8686a7cb3012c3e98f0\"\u003e\u003ccode\u003e5df0fe4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] switch from \u003ccode\u003ecovert\u003c/code\u003e to \u003ccode\u003enyc\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/a48b128fdb8d427dfb20a15273f83e38d97bef07\"\u003e\u003ccode\u003ea48b128\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ecovert\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e; remove unnecessary \u003ccode\u003etap\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/f0fb958e9a1fe980cdffc436a211b0bda58f621b\"\u003e\u003ccode\u003ef0fb958\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] create FUNDING.yml; add \u003ccode\u003efunding\u003c/code\u003e in package.json \u003ca href=\"https://github.com/minimistjs/minimist/commit/3639e0c819359a366387e425ab6eabf4c78d3caa\"\u003e\u003ccode\u003e3639e0c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] use \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file \u003ca href=\"https://github.com/minimistjs/minimist/commit/be2e038c342d8333b32f0fde67a0026b79c8150e\"\u003e\u003ccode\u003ebe2e038\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/minimistjs/minimist/commit/282b570e7489d01b03f2d6d3dabf79cd3e5f84cf\"\u003e\u003ccode\u003e282b570\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eisConstructorOrProto adapted from PR \u003ca href=\"https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11\"\u003e\u003ccode\u003eef9153f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/3124ed3e46306301ebb3c834874ce0241555c2c4\"\u003e\u003ccode\u003e3124ed3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/4b927de696d561c636b4f43bf49d4597cb36d6d6\"\u003e\u003ccode\u003e4b927de\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add \u003ccode\u003eaud\u003c/code\u003e in \u003ccode\u003eposttest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/b32d9bd0ab340f4e9f8c3a97ff2a4424f25fab8c\"\u003e\u003ccode\u003eb32d9bd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/minimistjs/minimist/commit/f9fdfc032c54884d9a9996a390c63cd0719bbe1a\"\u003e\u003ccode\u003ef9fdfc0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] Avoid 0.6 tests due to build failures \u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/950eaa74f112e04d23e9c606c67472c46739b473\"\u003e\u003ccode\u003e950eaa7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep \u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge tag 'v0.2.2' \u003ca href=\"https://github.com/minimistjs/minimist/commit/980d7ac61a0b4bd552711251ac107d506b23e41f\"\u003e\u003ccode\u003e980d7ac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.6...v1.2.7\"\u003ev1.2.7\u003c/a\u003e - 2022-10-10\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/6901ee286bc4c16da6830b48b46ce1574703cea1\"\u003e\u003ccode\u003e6901ee2\u003c/code\u003e\u003c/a\u003e v1.2.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e Merge tag 'v0.2.3'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/c0b26618322e94adea26c68e613ef0be482c6c63\"\u003e\u003ccode\u003ec0b2661\u003c/code\u003e\u003c/a\u003e v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/63b8fee87b8e7a003216d5d77ba5d6decf3cfb0d\"\u003e\u003ccode\u003e63b8fee\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/72239e6f0ea77d8be0ad4f682b7ae7d142144395\"\u003e\u003ccode\u003e72239e6\u003c/code\u003e\u003c/a\u003e [Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e [eslint] fix indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/9ec4d279ced72ea2f60237218e71cc03aa0dfdd6\"\u003e\u003ccode\u003e9ec4d27\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e [actions] Avoid 0.6 tests due to build failures\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.5...v1.2.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for minimist since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `plist` from 3.0.1 to 3.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/plist.js/blob/master/History.md\"\u003eplist's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.1.0 / 2023-07-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003ereplace inlined xmldom with \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.5 / 2022-03-23\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/plist.js/commit/96e2303d059e6be0c9e0c4773226d14b4758de52\"\u003e[\u003ccode\u003e96e2303d05\u003c/code\u003e]\u003c/a\u003e Prototype Pollution using .parse() \u003ca href=\"https://redirect.github.com/TooTallNate/node-plist/issues/114\"\u003e#114\u003c/a\u003e (mario-canva)\u003c/li\u003e\n\u003cli\u003eupdate browserify from 16 to 17\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.4 / 2021-08-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003einline xmldom@0.6.0 to eliminate security warning false positive (Mike Reinstein)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.3 / 2021-08-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eupdate xmldom to 0.6.0 to patch critical vulnerability (Mike Reinstein)\u003c/li\u003e\n\u003cli\u003eremove flaky saucelabs teseting badge (Mike Reinstein)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.2 / 2021-03-25\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eupdate xmldom to 0.5.0 to patch critical vulnerability (Mike Reinstein)\u003c/li\u003e\n\u003cli\u003eupdate saucelab credentials to point at mreinstein's saucelabs account (Mike Reinstein)\u003c/li\u003e\n\u003cli\u003eremove a bunch of test versions from the matrix because they weren't working in zuul + sauce (Mike Reinstein)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/node-plist/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-plist` from 1.1.0 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/wollardj/simple-plist/releases\"\u003esimple-plist's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTypeScript\u003c/h2\u003e\n\u003cp\u003eThis release is a rewrite of the JavaScript code into TypeScript code to add strong typing for those who would choose to use it.\u003c/p\u003e\n\u003cp\u003eAs this is a minor release there should be minimal risk in upgrading from \u003ccode\u003ev1.1.1\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/1b1333c639e4628630b43814e096a1f17aececda\"\u003e\u003ccode\u003e1b1333c\u003c/code\u003e\u003c/a\u003e v1.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/7adf995baf55a2604c035bfcafe6968148a22def\"\u003e\u003ccode\u003e7adf995\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​types/jest\u003c/code\u003e to ^27.4.1 (and 4 others)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/c5b4db04ff2afa44b8197e061c1ab10278dadcdc\"\u003e\u003ccode\u003ec5b4db0\u003c/code\u003e\u003c/a\u003e test: CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/3ad9688092c1e2b327ea1b34fc2592db4e9ebb05\"\u003e\u003ccode\u003e3ad9688\u003c/code\u003e\u003c/a\u003e update bplist-parser to 0.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/26d93f4f6721d404af00e3152d77bf83e3b54043\"\u003e\u003ccode\u003e26d93f4\u003c/code\u003e\u003c/a\u003e update tests to use inline snapshots\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/670e22fd6e46549a1d32d1065981e0f58eab98d6\"\u003e\u003ccode\u003e670e22f\u003c/code\u003e\u003c/a\u003e fix: update plist to 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/bb4b04a39ffa66677ca47d63f3ac6927685901ee\"\u003e\u003ccode\u003ebb4b04a\u003c/code\u003e\u003c/a\u003e v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/eb2f4f15c27fa7bd930b95e7a033090d88f73f66\"\u003e\u003ccode\u003eeb2f4f1\u003c/code\u003e\u003c/a\u003e docs: update documentation to include typescript examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/f0e7fea80f2aca3904b4b0152071ee14da40536e\"\u003e\u003ccode\u003ef0e7fea\u003c/code\u003e\u003c/a\u003e update git repo url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/c02c8056ebfe478de0565273f28ec6c858468a90\"\u003e\u003ccode\u003ec02c805\u003c/code\u003e\u003c/a\u003e yarn3 + typescript (\u003ca href=\"https://redirect.github.com/wollardj/simple-plist/issues/56\"\u003e#56\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/wollardj/simple-plist/compare/1.1.0...v1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `word-wrap` from 1.2.3 to 1.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jonschlinkert/word-wrap/releases\"\u003eword-wrap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanges\u003c/strong\u003e:\u003c/p\u003e\n\u003cp\u003eReverts default value for \u003ccode\u003eoptions.indent\u003c/code\u003e to two spaces \u003ccode\u003e'  '\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jonschlinkert/word-wrap/compare/1.2.4...1.2.5\"\u003ehttps://github.com/jonschlinkert/word-wrap/compare/1.2.4...1.2.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.2.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove default indent by \u003ca href=\"https://github.com/mohd-akram\"\u003e\u003ccode\u003e@​mohd-akram\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/24\"\u003ejonschlinkert/word-wrap#24\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🔒fix: CVE 2023 26115 (2) by \u003ca href=\"https://github.com/OlafConijn\"\u003e\u003ccode\u003e@​OlafConijn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/41\"\u003ejonschlinkert/word-wrap#41\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e:lock: fix: CVE-2023-26115 by \u003ca href=\"https://github.com/aashutoshrathi\"\u003e\u003ccode\u003e@​aashutoshrathi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/33\"\u003ejonschlinkert/word-wrap#33\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: publish workflow by \u003ca href=\"https://github.com/OlafConijn\"\u003e\u003ccode\u003e@​OlafConijn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/42\"\u003ejonschlinkert/word-wrap#42\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohd-akram\"\u003e\u003ccode\u003e@​mohd-akram\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/24\"\u003ejonschlinkert/word-wrap#24\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OlafConijn\"\u003e\u003ccode\u003e@​OlafConijn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/41\"\u003ejonschlinkert/word-wrap#41\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aashutoshrathi\"\u003e\u003ccode\u003e@​aashutoshrathi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/33\"\u003ejonschlinkert/word-wrap#33\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4\"\u003ehttps://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/207044ebda1dd3809d15b6000a48409266536771\"\u003e\u003ccode\u003e207044e\u003c/code\u003e\u003c/a\u003e 1.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/98943154855b0dd79b707462b9202614990c7f61\"\u003e\u003ccode\u003e9894315\u003c/code\u003e\u003c/a\u003e revert default indent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/f64b188c7261d26b99e1e2075d6b12f21798e83a\"\u003e\u003ccode\u003ef64b188\u003c/code\u003e\u003c/a\u003e run verb to generate README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/03ea08256ba0c8e8b02b1b304f0f5bd2b1863207\"\u003e\u003ccode\u003e03ea082\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/issues/42\"\u003e#42\u003c/a\u003e from jonschlinkert/chore/publish-workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/420dce9a2412b21881202b73a3c34f0edc53cb2e\"\u003e\u003ccode\u003e420dce9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/issues/41\"\u003e#41\u003c/a\u003e from jonschlinkert/fix/CVE-2023-26115-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/bfa694edf55bb84ff84512f13da6d68bf7593f06\"\u003e\u003ccode\u003ebfa694e\u003c/code\u003e\u003c/a\u003e Update .github/workflows/publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/ace0b3c78f81aaf43040bab3bc91d3c5546d3fd2\"\u003e\u003ccode\u003eace0b3c\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/6fd727594676f3e1b196b08a320908bec2f4ca02\"\u003e\u003ccode\u003e6fd7275\u003c/code\u003e\u003c/a\u003e chore: add publish workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/30d6daf60fce429f5f559252fa86ee78200652c4\"\u003e\u003ccode\u003e30d6daf\u003c/code\u003e\u003c/a\u003e chore: fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/655929cabea6299dddf3b4a21fc3713fca701b48\"\u003e\u003ccode\u003e655929c\u003c/code\u003e\u003c/a\u003e chore: remove package-lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.2.3 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f545bdb80048f527889eddb9ac1a851c6f2a2241\"\u003e\u003ccode\u003ef545bdb\u003c/code\u003e\u003c/a\u003e 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c57d4c2fdbe0357a0f6dd42d1160defdc9fffdf5\"\u003e\u003ccode\u003ec57d4c2\u003c/code\u003e\u003c/a\u003e fix a few old XO issues for backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1\"\u003e\u003ccode\u003e419250f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/detail...\n\n_Description has been truncated_\n\n\u003c!-- CURSOR_SUMMARY --\u003e\n---\n\n\u003e [!NOTE]\n\u003e **Medium Risk**\n\u003e Primarily lockfile/dependency version bumps, but several transitive upgrades (including `react-native` ecosystem tooling) could affect build or runtime behavior across both the library and `example` app.\n\u003e \n\u003e **Overview**\n\u003e Updates npm/yarn dependencies across the repo and the `example` app, refreshing both direct and transitive packages (including security-related bumps like `minimist`, `js-yaml`, `json5`, and `async`).\n\u003e \n\u003e **Review checklist**: Linked issue(s): *none referenced*. Acceptance criteria: ✅ (*dependency versions updated*). Scope validation: ✅ (*dependency/lockfile-only change; no product code changes observed*). Test coverage: ⚠️ (*no new/updated tests; recommend running CI + `npm test` and a quick `example` build/run*). Blockers/concerns: ⚠️ (*watch for lockfile drift and any install-script additions in updated packages*).\n\u003e \n\u003e \u003csup\u003eWritten by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit db276c878074230eeee4e9e548665941e08b4475. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).\u003c/sup\u003e\n\u003c!-- /CURSOR_SUMMARY --\u003e","html_url":"https://github.com/millionscard/react-native-otp-input/pull/33","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/millionscard%2Freact-native-otp-input/issues/33","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/33/packages"},{"uuid":"4182981123","node_id":"PR_kwDODXTmnM7PF-qM","number":7,"state":"closed","title":"Bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-31T23:43:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T23:26:48.000Z","updated_at":"2026-03-31T23:43:47.000Z","time_to_close":1017,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.14.2","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.17.3","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.14.2 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.2...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.3 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.3...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awrennuit/jquery-serverside-calculator/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/awrennuit/jquery-serverside-calculator/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/awrennuit%2Fjquery-serverside-calculator/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"4182912203","node_id":"PR_kwDODW0sos7PFzWa","number":6,"state":"closed","title":"Bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-31T23:16:16.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T23:10:09.000Z","updated_at":"2026-03-31T23:16:18.000Z","time_to_close":367,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.18.2","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awrennuit/produce-herb-store/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/awrennuit/produce-herb-store/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/awrennuit%2Fproduce-herb-store/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4171646207","node_id":"PR_kwDOPpNwGc7OqFY0","number":1,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-09T23:33:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-30T15:19:05.000Z","updated_at":"2026-04-09T23:33:07.000Z","time_to_close":893640,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"file-type","old_version":"14.1.4","new_version":"21.3.2","repository_url":"https://github.com/sindresorhus/file-type"},{"name":"qs","old_version":"6.9.1","new_version":"6.14.2","repository_url":"https://github.com/ljharb/qs"},{"name":"ajv","old_version":"6.10.2","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"axios","old_version":"0.19.0","new_version":"0.30.3","repository_url":"https://github.com/axios/axios"},{"name":"handlebars","old_version":"4.5.3","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"koa","old_version":"2.11.0","new_version":"3.1.2","repository_url":"https://github.com/koajs/koa"},{"name":"path-to-regexp","old_version":"6.1.0","new_version":"6.3.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"@babel/helpers","old_version":"7.7.4","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"bn.js","old_version":"4.11.8","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.17.1","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"lodash","old_version":"4.17.15","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"pbkdf2","old_version":"3.0.17","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.2.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"2.0.0","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"yaml","old_version":"1.7.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [file-type](https://github.com/sindresorhus/file-type) | `14.1.4` | `21.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.9.1` | `6.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.10.2` | `6.14.0` |\n| [axios](https://github.com/axios/axios) | `0.19.0` | `0.30.3` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.3` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [koa](https://github.com/koajs/koa) | `2.11.0` | `3.1.2` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.1.0` | `6.3.0` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.7.4` | `7.29.2` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.8` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.15` | `4.17.23` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.0.17` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.1` | `2.3.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.14.1` | `1.16.3` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.0.0` | `2.1.4` |\n| [yaml](https://github.com/eemeli/yaml) | `1.7.2` | `1.10.3` |\n\n\nUpdates `file-type` from 14.1.4 to 21.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sindresorhus/file-type/releases\"\u003efile-type's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev21.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v)  a155cd7\u003c/li\u003e\n\u003cli\u003eFix bound recursive BOM and ID3 detection  370ed91\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix infinite loop in ASF parser on malformed input (\u003ca href=\"https://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\"\u003ehttps://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\u003c/a\u003e)  319abf8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Mach-O Universal (aka \u0026quot;Fat\u0026quot;) binaries and additional architectures (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/779\"\u003e#779\u003c/a\u003e)  d223491\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SPSS data files (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/787\"\u003e#787\u003c/a\u003e)  889f638\u003c/li\u003e\n\u003cli\u003eAdd support for JMP (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/784\"\u003e#784\u003c/a\u003e)  093dba0\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of partial Gunzip file (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/783\"\u003e#783\u003c/a\u003e)  710e053\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003e.tar.gz\u003c/code\u003e (gunzipped tarball file) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/763\"\u003e#763\u003c/a\u003e)  eda03a7\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry (.reg) files   0db61ec 7d2ddcf\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry hive file (\u003ccode\u003e.dat\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/767\"\u003e#767\u003c/a\u003e)  f8d62be\u003c/li\u003e\n\u003cli\u003eFix: Handle partial unzip (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/773\"\u003e#773\u003c/a\u003e)  7ad3a90\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.0.0\u003c/h2\u003e\n\u003ch3\u003eBreaking\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/e18028c3cc19441477c3459991fee9770d88c218\"\u003e\u003ccode\u003ee18028c\u003c/code\u003e\u003c/a\u003e 21.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a155cd71323279de173c54e8c530d300d3854fdd\"\u003e\u003ccode\u003ea155cd7\u003c/code\u003e\u003c/a\u003e Fix ZIP bomb in known-size ZIP probing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/69548179cca2c0ab6a0cc93af59392f8c351cab1\"\u003e\u003ccode\u003e6954817\u003c/code\u003e\u003c/a\u003e Harden parser more\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/370ed9185d112eea4d989fecb843597b1d94cf09\"\u003e\u003ccode\u003e370ed91\u003c/code\u003e\u003c/a\u003e Fix bound recursive BOM and ID3 detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/d2ecea187c47b944a9c001ae7637f02baed0825a\"\u003e\u003ccode\u003ed2ecea1\u003c/code\u003e\u003c/a\u003e Add a few more safeguards\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/41fcff5de64cfb53da6b2b9c048ebea8213f32c2\"\u003e\u003ccode\u003e41fcff5\u003c/code\u003e\u003c/a\u003e Update readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a8f6934ddd93c3e12cc4ecb0cfc3e8d816d4b9fd\"\u003e\u003ccode\u003ea8f6934\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/ad5857e5384874e853cc9c4c29b867f1135a7c30\"\u003e\u003ccode\u003ead5857e\u003c/code\u003e\u003c/a\u003e 21.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/5d2fedf104dc5067b51a1f31410aa60052c74f64\"\u003e\u003ccode\u003e5d2fedf\u003c/code\u003e\u003c/a\u003e Harden parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/319abf871b50ba2fa221b4a7050059f1ae096f4f\"\u003e\u003ccode\u003e319abf8\u003c/code\u003e\u003c/a\u003e Fix infinite loop in ASF parser on malformed input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sindresorhus/file-type/compare/v14.1.4...v21.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.9.1 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.9.1...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.10.2 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.12.6\u003c/h2\u003e\n\u003cp\u003eFix performance issue of \u0026quot;url\u0026quot; format.\u003c/p\u003e\n\u003ch2\u003ev6.12.5\u003c/h2\u003e\n\u003cp\u003eFix uri scheme validation (\u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e).\nFix boolean schemas with strictKeywords option (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1270\"\u003e#1270\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.4\u003c/h2\u003e\n\u003cp\u003eFix: coercion of one-item arrays to scalar that should fail validation (\u003ca href=\"https://runkit.com/esp/5f3672ba2f6642001ae27411\"\u003efailing example\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003ev6.12.3\u003c/h2\u003e\n\u003cp\u003ePass schema object to processCode function\nOption for strictNumbers (\u003ca href=\"https://github.com/issacgerges\"\u003e\u003ccode\u003e@​issacgerges\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1128\"\u003e#1128\u003c/a\u003e)\nFixed vulnerability related to untrusted schemas (\u003ca href=\"https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-15366\"\u003eCVE-2020-15366\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.2\u003c/h2\u003e\n\u003cp\u003eRemoved post-install script\u003c/p\u003e\n\u003ch2\u003ev6.12.1\u003c/h2\u003e\n\u003cp\u003eDocs and dependency updates\u003c/p\u003e\n\u003ch2\u003ev6.12.0\u003c/h2\u003e\n\u003cp\u003eImproved hostname validation (\u003ca href=\"https://github.com/sambauers\"\u003e\u003ccode\u003e@​sambauers\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1143\"\u003e#1143\u003c/a\u003e)\nOption \u003ccode\u003ekeywords\u003c/code\u003e to add custom keywords (\u003ca href=\"https://github.com/franciscomorais\"\u003e\u003ccode\u003e@​franciscomorais\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1137\"\u003e#1137\u003c/a\u003e)\nTypes fixes (\u003ca href=\"https://github.com/boenrobot\"\u003e\u003ccode\u003e@​boenrobot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/MattiAstedrone\"\u003e\u003ccode\u003e@​MattiAstedrone\u003c/code\u003e\u003c/a\u003e)\nDocs:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/epoberezkin/ajv#error-logging\"\u003eerror logging\u003c/a\u003e example (\u003ca href=\"https://github.com/RadiationSickness\"\u003e\u003ccode\u003e@​RadiationSickness\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTypeScript usage notes (\u003ca href=\"https://github.com/thetric\"\u003e\u003ccode\u003e@​thetric\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.11.0\u003c/h2\u003e\n\u003cp\u003eTime formats support two digit and colon-less variants of timezone offset (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1061\"\u003e#1061\u003c/a\u003e , \u003ca href=\"https://github.com/cjpillsbury\"\u003e\u003ccode\u003e@​cjpillsbury\u003c/code\u003e\u003c/a\u003e)\nDocs: RegExp related security considerations\nTests: Disabled failing typescript test\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fe591439f34e24030f69df9eb8d91e6d037a3af7\"\u003e\u003ccode\u003efe59143\u003c/code\u003e\u003c/a\u003e 6.12.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d580d3e8ac6a467670d68d86e3a39fd661ac8c23\"\u003e\u003ccode\u003ed580d3e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1298\"\u003e#1298\u003c/a\u003e from ajv-validator/fix-url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fd363896a8d6c5697b5da41f4d9a400a84efaf8e\"\u003e\u003ccode\u003efd36389\u003c/code\u003e\u003c/a\u003e fix: regular expression for \u0026quot;url\u0026quot; format\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.10.2...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.19.0 to 0.30.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease notes - v0.30.3\u003c/h2\u003e\n\u003cp\u003eThis is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).\u003c/p\u003e\n\u003cp\u003eRecommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.\u003c/p\u003e\n\u003ch2\u003e🛡️ Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport: Fix DoS via \u003cstrong\u003eproto\u003c/strong\u003e key in merge config\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003ePatched a vulnerability where specifically crafted configuration objects using the \u003cstrong\u003eproto\u003c/strong\u003e key could cause a Denial of Service during the merge process. - \u003cem\u003eby \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7388\"\u003e#7388\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7388\"\u003eaxios/axios#7388\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚙️ Maintenance \u0026amp; CI\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Infrastructure Update\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - \u003cem\u003eby \u003ca href=\"https://github.com/jasonsaayman\"\u003e\u003ccode\u003e@​jasonsaayman\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7407\"\u003e#7407\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7407\"\u003eaxios/axios#7407\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Breaking Changes\u003c/h2\u003e\n\u003cp\u003eConfiguration Merging Behavior:\u003c/p\u003e\n\u003cp\u003eAs part of the security fix, Axios now restricts the merging of the \u003cstrong\u003eproto\u003c/strong\u003e key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.\u003c/p\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.2...v0.30.3\"\u003ev0.30.2...v0.30.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.30.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003emaxContentLength\u003c/code\u003e vulnerability fix to v0.x by \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.1...v0.30.2\"\u003ehttps://github.com/axios/axios/compare/v0.30.1...v0.30.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.1\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump form-data from 4.0.0 to 4.0.4 for v0.x by \u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.0...v0.30.1\"\u003ehttps://github.com/axios/axios/compare/v0.30.0...v0.30.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: modify log while request is aborted by \u003ca href=\"https://github.com/mori5321\"\u003e\u003ccode\u003e@​mori5321\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/4917\"\u003eaxios/axios#4917\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update CHANGELOG.md for v0.x by \u003ca href=\"https://github.com/TehZarathustra\"\u003e\u003ccode\u003e@​TehZarathustra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6271\"\u003eaxios/axios#6271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: modify upgrade guide for 0.28.1's breaking change by \u003ca href=\"https://github.com/nafeger\"\u003e\u003ccode\u003e@​nafeger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6787\"\u003eaxios/axios#6787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f53bcf6c3747652c9d3811dc0bbcd3674e21567a\"\u003e\u003ccode\u003ef53bcf6\u003c/code\u003e\u003c/a\u003e chore: release 0.30.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3ddccd3bf478c8aab863f2fdd4a52461849eab45\"\u003e\u003ccode\u003e3ddccd3\u003c/code\u003e\u003c/a\u003e chore: remove publish as this wont work\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9ef39d07245286df678c1a16e7b5769610ba8326\"\u003e\u003ccode\u003e9ef39d0\u003c/code\u003e\u003c/a\u003e chore: try with npm token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4775de601df704d8d4e7336a57b08a2e21de8ff4\"\u003e\u003ccode\u003e4775de6\u003c/code\u003e\u003c/a\u003e chore: fix version scheme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f96f26b2014404534424e765b83a1dbbd8cb091f\"\u003e\u003ccode\u003ef96f26b\u003c/code\u003e\u003c/a\u003e chore: fix issues with using replace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ead45c20b05ab32c26cb63d0f7a20e8b123d9f68\"\u003e\u003ccode\u003eead45c2\u003c/code\u003e\u003c/a\u003e chore: update the publish workflow to run on tag\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8119265e6ce71898d19448d30356789cccc2de56\"\u003e\u003ccode\u003e8119265\u003c/code\u003e\u003c/a\u003e chore: tag version as legacy on v0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/995498519881c23ba97b42dda16bcadc0e4791a7\"\u003e\u003ccode\u003e9954985\u003c/code\u003e\u003c/a\u003e chore: dispatch for first time\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3f8b70fdfc7903aa137ea4f6539cd00f5df97afb\"\u003e\u003ccode\u003e3f8b70f\u003c/code\u003e\u003c/a\u003e chore: final rename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c66558430e71cf0c113a2969355cde25cb159fff\"\u003e\u003ccode\u003ec665584\u003c/code\u003e\u003c/a\u003e chore: revert naming\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.19.0...v0.30.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jasonsaayman\"\u003ejasonsaayman\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.5.3 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.7 - February 15th, 2021\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix weird error in integration tests - eb860c0\u003c/li\u003e\n\u003cli\u003efix: check prototype property access in strict-mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - b6d3de7\u003c/li\u003e\n\u003cli\u003efix: escape property names in compat mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - f058970\u003c/li\u003e\n\u003cli\u003erefactor: In spec tests, use expectTemplate over equals and shouldThrow (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1683\"\u003e#1683\u003c/a\u003e) - 77825f8\u003c/li\u003e\n\u003cli\u003echore: start testing on Node.js 12 and 13 - 3789a30\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e(POSSIBLY) BREAKING CHANGES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ethe changes from version \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v460---january-8th-2020\"\u003e4.6.0\u003c/a\u003e now also apply\nin when using the compile-option \u0026quot;strict: true\u0026quot;. Access to prototype properties is forbidden completely by default, specific properties or methods\ncan be allowed via runtime-options. See \u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1633\"\u003e#1633\u003c/a\u003e for details. If you are using Handlebars as documented, you should not be accessing prototype properties\nfrom your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThat is why we only bump the patch version despite mentioning breaking changes.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.6 - April 3rd, 2020\u003c/h2\u003e\n\u003cp\u003eChore/Housekeeping:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/wycats/handlebars.js/issues/1672\"\u003e#1672\u003c/a\u003e - Switch cmd parser to latest minimist (\u003ca href=\"https://api.github.com/users/dougwilson\"\u003e\u003ccode\u003e@​dougwilson\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCompatibility notes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestored Node.js compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.5.3...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jaylinski\"\u003ejaylinski\u003c/a\u003e, a new releaser for handlebars since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.13.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/37caaad57dc37d350d9a4577a5da53f482bb2983\"\u003e\u003ccode\u003e37caaad\u003c/code\u003e\u003c/a\u003e 3.14.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/094c0f7a79e6ff9e2b4d50b22686d2586894b58f\"\u003e\u003ccode\u003e094c0f7\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9586ebe23298427d26b3479979bd6499bf3a14c2\"\u003e\u003ccode\u003e9586ebe\u003c/code\u003e\u003c/a\u003e Avoid calling hasOwnProperty of user-controlled objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/34e5072f43fd36b08aaaad433da73c10d47c41e5\"\u003e\u003ccode\u003e34e5072\u003c/code\u003e\u003c/a\u003e 3.14.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/7b25c83a6dc77097c2bf14bf714e168f60ee199b\"\u003e\u003ccode\u003e7b25c83\u003c/code\u003e\u003c/a\u003e Browser files rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/6f7347396867b8dcfc042722c2aae810dfe4caae\"\u003e\u003ccode\u003e6f73473\u003c/code\u003e\u003c/a\u003e Dev deps bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0c293491d903cddcd41b41c165bc45eeb9a8d720\"\u003e\u003ccode\u003e0c29349\u003c/code\u003e\u003c/a\u003e Travis-CI: drop old nodejs versions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.13.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `koa` from 2.11.0 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/koa/releases\"\u003ekoa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: typo in troubleshooting.md by \u003ca href=\"https://github.com/WuMingDao\"\u003e\u003ccode\u003e@​WuMingDao\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1916\"\u003ekoajs/koa#1916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1921\"\u003ekoajs/koa#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump http-errors from 2.0.0 to 2.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1919\"\u003ekoajs/koa#1919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump mime-types from 3.0.1 to 3.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1918\"\u003ekoajs/koa#1918\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use correct term \u0026quot;Server-Sent Events\u0026quot; in guide by \u003ca href=\"https://github.com/jtr860830\"\u003e\u003ccode\u003e@​jtr860830\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1920\"\u003ekoajs/koa#1920\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1917\"\u003ekoajs/koa#1917\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1922\"\u003ekoajs/koa#1922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(security): Host Header Injection via \u003ccode\u003ectx.hostname\u003c/code\u003e by \u003ca href=\"https://github.com/killagu\"\u003e\u003ccode\u003e@​killagu\u003c/code\u003e\u003c/a\u003e  \u003ca href=\"https://github.com/koajs/koa/security/advisories/GHSA-7gcc-r8m5-44qm\"\u003ehttps://github.com/koajs/koa/security/advisories/GHSA-7gcc-r8m5-44qm\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WuMingDao\"\u003e\u003ccode\u003e@​WuMingDao\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1916\"\u003ekoajs/koa#1916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jtr860830\"\u003e\u003ccode\u003e@​jtr860830\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1920\"\u003ekoajs/koa#1920\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/koajs/koa/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: only original value destroy if the new value is not a stream by \u003ca href=\"https://github.com/yowainwright\"\u003e\u003ccode\u003e@​yowainwright\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1914\"\u003ekoajs/koa#1914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/koajs/koa/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: fixes mem leak relating to issue-1834 by \u003ca href=\"https://github.com/yowainwright\"\u003e\u003ccode\u003e@​yowainwright\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1893\"\u003ekoajs/koa#1893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: adds steam clean up by \u003ca href=\"https://github.com/yowainwright\"\u003e\u003ccode\u003e@​yowainwright\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1910\"\u003ekoajs/koa#1910\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.0.3...v3.1.0\"\u003ehttps://github.com/koajs/koa/compare/v3.0.3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: normalize referer before redirect by \u003ca href=\"https://github.com/fengmk2\"\u003e\u003ccode\u003e@​fengmk2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1908\"\u003ekoajs/koa#1908\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.0.2...v3.0.3\"\u003ehttps://github.com/koajs/koa/compare/v3.0.2...v3.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: fixes response.attachment behaviour leads to Content-Type Sniffing by \u003ca href=\"https://github.com/yowainwright\"\u003e\u003ccode\u003e@​yowainwright\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1904\"\u003ekoajs/koa#1904\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: use NPM trusted publishing with semver tag triggers by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1907\"\u003ekoajs/koa#1907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1907\"\u003ekoajs/koa#1907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.0.1...v3.0.2\"\u003ehttps://github.com/koajs/koa/compare/v3.0.1...v3.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/koa/blob/master/History.md\"\u003ekoa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nMoving forwards we are using the GitHub releases page at \u003ca href=\"https://github.com/koajs/koa/releases\"\u003ehttps://github.com/koajs/koa/releases\u003c/a\u003e in combination with \u003ca href=\"https://www.npmjs.com/package/np\"\u003enp\u003c/a\u003e for publishing releases and their changelogs.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch1\u003e3.0.0-alpha.3 / 2025-02-11\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003efixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid redos on host and protocol getter\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.0-alpha.2 / 2024-11-04\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003ebreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003ehttp-errors\u003c/code\u003e to \u003ccode\u003ev2.0.0\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1486\"\u003e#1486\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ectx.throw\u003c/code\u003e now requires a format of \u003ccode\u003ectx.throw(status, error, properties)\u003c/code\u003e. See: \u003ca href=\"https://www.npmjs.com/package/http-errors\"\u003ehttps://www.npmjs.com/package/http-errors\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eres.redirect('back')\u003c/code\u003e, add \u003ccode\u003eback()\u003c/code\u003e method to \u003ccode\u003ectx\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1115\"\u003e#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace node querystring with \u003ccode\u003eURLSearchParams\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1828\"\u003e#1828\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove obsolete \u003ccode\u003ecreateAsyncCtxStorageMiddleware\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1817\"\u003e#1817\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003efeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for web WHATWG \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1830\"\u003e#1830\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eupdates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003ecookies\u003c/code\u003e to \u003ccode\u003e~0.9.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1846\"\u003e#1846\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate \u003ccode\u003estatuses\u003c/code\u003e to \u003ccode\u003e^2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate \u003ccode\u003esupertest\u003c/code\u003e to \u003ccode\u003e^7.0.0\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1841\"\u003e#1841\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003efixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eexports.defaults\u003c/code\u003e in \u003ccode\u003epackage.json\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1630\"\u003e#1630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix leaky handles in tests \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1838\"\u003e#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix body null checks \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1814\"\u003e#1814\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix reformatting redirect URLs \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1805\"\u003e#1805\u003c/a\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1804\"\u003e#1804\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix passing \u003ccode\u003ectx\u003c/code\u003e in error handler \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1758\"\u003e#1758\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003emigrations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate from \u003ccode\u003ejest\u003c/code\u003e to the native node test runner \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1845\"\u003e#1845\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.0-alpha.1 / 2023-04-12\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003efixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[\u003ca href=\"http://github.com/koajs/koa/commit/e98b8d1918376dc2957aa62906bf5893bef66c4c\"\u003e\u003ccode\u003ee98b8d1\u003c/code\u003e\u003c/a\u003e] - fix: can not get currentContext in error handler (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1758\"\u003e#1758\u003c/a\u003e) (Gxkl \u0026lt;\u003ca href=\"mailto:gxkl203@gmail.com\"\u003egxkl203@gmail.com\u003c/a\u003e\u0026gt;)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.0-alpha.0 / 2023-01-02\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/c5a52e056d61afa012a08d3aa89a59bce5ccbf1b\"\u003e\u003ccode\u003ec5a52e0\u003c/code\u003e\u003c/a\u003e 3.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/55ab9bab044ead4e82c70a30a4f9dc0fc9c1b6df\"\u003e\u003ccode\u003e55ab9ba\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/fecd464ae7be82bd71b275c1faa746dd1c45ef5b\"\u003e\u003ccode\u003efecd464\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1922\"\u003e#1922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/d2066cf2a52fe3aeeb5778c8cce204a73ea6fb87\"\u003e\u003ccode\u003ed2066cf\u003c/code\u003e\u003c/a\u003e build(deps): bump content-disposition from 0.5.4 to 1.0.1 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1917\"\u003e#1917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/8694a06eb67aeec90f06f17b2a716bccfbad11e5\"\u003e\u003ccode\u003e8694a06\u003c/code\u003e\u003c/a\u003e docs: use correct term \u0026quot;Server-Sent Events\u0026quot; in guide (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1920\"\u003e#1920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/096682b31592b20319549f57517abf3fc90649a1\"\u003e\u003ccode\u003e096682b\u003c/code\u003e\u003c/a\u003e build(deps): bump mime-types from 3.0.1 to 3.0.2 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1918\"\u003e#1918\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/8215c2e3896932d966951042f9a0d8aa743e40fe\"\u003e\u003ccode\u003e8215c2e\u003c/code\u003e\u003c/a\u003e build(deps): bump http-errors from 2.0.0 to 2.0.1 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1919\"\u003e#1919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/cfe5ec6aea6acf2ebf2868687692dae7fac726fe\"\u003e\u003ccode\u003ecfe5ec6\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump qs from 6.14.0 to 6.14.1 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1921\"\u003e#1921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/0a6afa5a6107c0c8baf4722e29de7566f33d1651\"\u003e\u003ccode\u003e0a6afa5\u003c/code\u003e\u003c/a\u003e fix: typo in troubleshooting.md (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1916\"\u003e#1916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/2e52fb589c29c9aa6f0915515263372c3a2ce4bf\"\u003e\u003ccode\u003e2e52fb5\u003c/code\u003e\u003c/a\u003e 3.1.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/koajs/koa/compare/2.11.0...v3.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for koa since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 6.1.0 to 6.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix matching \u003ccode\u003e:name*\u003c/code\u003e parameter\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix invalid matching of \u003ccode\u003e:name*\u003c/code\u003e parameter (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/261\"\u003e#261\u003c/a\u003e)  762bc6b\u003c/li\u003e\n\u003cli\u003eCompare delimiter string over regexp  86baef8\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNew example in documentation (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/256\"\u003e#256\u003c/a\u003e)  ae9e576\u003c/li\u003e\n\u003cli\u003eUpdate demo link (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/250\"\u003e#250\u003c/a\u003e)  77df638\u003c/li\u003e\n\u003cli\u003eUpdate README encode example  b39edd4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.0...v6.2.1\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.0...v6.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNamed Capturing Groups\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport named capturing groups for RegExps (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003estrict\u003c/code\u003e flag documentation (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore test files when bundling (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/220\"\u003e#220\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.1.0...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.7.4 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/helpers\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.11.8 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.8...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~fanatid\"\u003efanatid\u003c/a\u003e, a new releaser for bn.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/saasify/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fsaasify/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}],"issue_packages":[{"old_version":"1.14.1","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-05-30T09:35:50.000Z","version_change":"1.14.1 → 1.16.3","issue":{"uuid":"4554001511","node_id":"PR_kwDOQ3fS3M7g7JxM","number":2,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 6 directories with 11 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T09:35:50.000Z","updated_at":"2026-05-30T09:40:11.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":11,"packages":[{"name":"ansi-regex","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"ansi-regex","old_version":"5.0.0","new_version":"5.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"send","old_version":"0.17.1","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `5.0.0` | `5.0.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [send](https://github.com/pillarjs/send) | `0.17.1` | `0.19.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.14.1` | `1.16.3` |\n\nBumps the npm_and_yarn group with 5 updates in the /11-integrating-with-function-calling/typescript/function-app directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.1.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.15` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [axios](https://github.com/axios/axios) | `1.12.0` | `1.16.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `2.0.0` | `2.0.1` |\n\nBumps the npm_and_yarn group with 4 updates in the /09-building-image-applications/typescript/image-generation-app directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [minimatch](https://github.com/isaacs/minimatch), [picomatch](https://github.com/micromatch/picomatch) and [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /08-building-search-applications/typescript/search-app directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [minimatch](https://github.com/isaacs/minimatch), [picomatch](https://github.com/micromatch/picomatch) and [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /07-building-chat-applications/typescript/chat-completions-app directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [minimatch](https://github.com/isaacs/minimatch), [picomatch](https://github.com/micromatch/picomatch) and [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /06-text-generation-apps/typescript/recipe-app directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [minimatch](https://github.com/isaacs/minimatch), [picomatch](https://github.com/micromatch/picomatch) and [qs](https://github.com/ljharb/qs).\n\nUpdates `ansi-regex` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/64735d25eb839b55bc9fae3877edb702b4c92ca2\"\u003e\u003ccode\u003e64735d2\u003c/code\u003e\u003c/a\u003e v4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a\"\u003e\u003ccode\u003e75a657d\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 5.0.0 to 5.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/64735d25eb839b55bc9fae3877edb702b4c92ca2\"\u003e\u003ccode\u003e64735d2\u003c/code\u003e\u003c/a\u003e v4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a\"\u003e\u003ccode\u003e75a657d\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.0 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.3.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes bug when a pattern containing an expression after the closing parenthesis (\u003ccode\u003e/!(*.d).{ts,tsx}\u003c/code\u003e) was incorrectly converted to regexp (\u003ca href=\"https://github.com/micromatch/picomatch/commit/9f241ef\"\u003e9f241ef\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSome documentation improvements (\u003ca href=\"https://github.com/micromatch/picomatch/commit/f81d236\"\u003ef81d236\u003c/a\u003e, \u003ca href=\"https://github.com/micromatch/picomatch/commit/421e0e7\"\u003e421e0e7\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5467a5a9638472610de4f30709991b9a56bb5613\"\u003e\u003ccode\u003e5467a5a\u003c/code\u003e\u003c/a\u003e 2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9f241efedc15a21bcec1edafd43ee773ceb4bc35\"\u003e\u003ccode\u003e9f241ef\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/102\"\u003e#102\u003c/a\u003e from micromatch/ISSUE-93_incorrect_extglob_expanding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/ac3cb660ca76764627aa825676df59378dd60bcd\"\u003e\u003ccode\u003eac3cb66\u003c/code\u003e\u003c/a\u003e fix: support stars in negation extglobs with expression after closing parenth...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/719d348d8a01cf23c6c10568191c1ad5a3fc33e3\"\u003e\u003ccode\u003e719d348\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/85\"\u003e#85\u003c/a\u003e from XhmikosR/codeql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/ac74e57b38a0d16de8e1752a62003e49c1622cec\"\u003e\u003ccode\u003eac74e57\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/91\"\u003e#91\u003c/a\u003e from XhmikosR/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.0...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.17.1 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.18.0 / 2022-03-23\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.17.2 / 2021-12-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003cli\u003edeps: http-errors@1.8.1\n\u003cul\u003e\n\u003cli\u003edeps: inherits@2.0.4\u003c/li\u003e\n\u003cli\u003edeps: toidentifier@1.0.1\u003c/li\u003e\n\u003cli\u003edeps: setprototypeof@1.2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/b69cbb3dc4c09c37917d08a4c13fcd1bac97ade5\"\u003e\u003ccode\u003eb69cbb3\u003c/code\u003e\u003c/a\u003e 0.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f53edbb7f4f7ebdd936d3d714d84d52f2d3d00f3\"\u003e\u003ccode\u003ef53edbb\u003c/code\u003e\u003c/a\u003e Limit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/706d6ddf0d3c8a9248fc1edbc3ff60bbc6ad7b93\"\u003e\u003ccode\u003e706d6dd\u003c/code\u003e\u003c/a\u003e docs: add security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/b690ba4bd149d20fa6687ee6298fb6aede5b21d7\"\u003e\u003ccode\u003eb690ba4\u003c/code\u003e\u003c/a\u003e docs: fix linux build badge link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/send/compare/0.17.1...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.2 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.3.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes bug when a pattern containing an expression after the closing parenthesis (\u003ccode\u003e/!(*.d).{ts,tsx}\u003c/code\u003e) was incorrectly converted to regexp (\u003ca href=\"https://github.com/micromatch/picomatch/commit/9f241ef\"\u003e9f241ef\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSome documentation improvements (\u003ca href=\"https://github.com/micromatch/picomatch/commit/f81d236\"\u003ef81d236\u003c/a\u003e, \u003ca href=\"https://github.com/micromatch/picomatch/commit/421e0e7\"\u003e421e0e7\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5467a5a9638472610de4f30709991b9a56bb5613\"\u003e\u003ccode\u003e5467a5a\u003c/code\u003e\u003c/a\u003e 2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9f241efedc15a21bcec1edafd43ee773ceb4bc35\"\u003e\u003ccode\u003e9f241ef\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/102\"\u003e#102\u003c/a\u003e from micromatch/ISSUE-93_incorrect_extglob_expanding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/ac3cb660ca76764627aa825676df59378dd60bcd\"\u003e\u003ccode\u003eac3cb66\u003c/code\u003e\u003c/a\u003e fix: support stars in negation extglobs with expression after closing parenth...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/719d348d8a01cf23c6c10568191c1ad5a3fc33e3\"\u003e\u003ccode\u003e719d348\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/85\"\u003e#85\u003c/a\u003e from XhmikosR/codeql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/ac74e57b38a0d16de8e1752a62003e49c1622cec\"\u003e\u003ccode\u003eac74e57\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/91\"\u003e#91\u003c/a\u003e from XhmikosR/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.0...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.12.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate dependency versions across the root and 6 example apps to pick up security fixes and minor improvements. Notable changes include `axios` upgrades in the function-calling app and refreshed libraries for globbing and static file serving.\n\n- **Dependencies**\n  - `axios` → `^1.16.0` in `11-integrating-with-function-calling/typescript/function-app` (stricter size limits; adapter fixes). Also bumps `follow-redirects` and `proxy-from-env`.\n  - Globbing stack: `brace-expansion` → `1.1.15`/`2.1.1`, `minimatch` → `3.1.5`/`9.0.9`, `picomatch` → `2.3.2` (addresses ReDoS/CVEs).\n  - `lodash` → `4.18.1` (security and bug fixes).\n  - Static serving: `send` → `0.19.2`, `serve-static` → `1.16.3` (dependency updates incl. `encodeurl@~2.0.0`).\n  - `ansi-regex` → `4.1.1`/`5.0.1` (ReDoS fix).\n  - Minor patches: `@tootallnate/once` → `2.0.1`, `qs` → `6.15.2`.\n\n- **Migration**\n  - If you use the `axios` fetch adapter, `maxBodyLength` and `maxContentLength` are now enforced; adjust limits if needed. Run `npm ci` and smoke test HTTP calls and static file hosting flows.\n\n\u003csup\u003eWritten for commit 2ef687eca2eb0bca18e7def66432cce678f1c1fe. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/generative-ai-for-beginners/pull/2?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump npm dependencies across 6 TypeScript app directories\n\u003e Updates `package-lock.json` files across 6 TypeScript sample apps and bumps `axios` from `^1.12.0` to `^1.16.0` in [function-app/package.json](https://github.com/EmilynnJ/generative-ai-for-beginners/pull/2/files#diff-73386eaaba005f457c749d235af22257ca4ab75e08e7816ed776550549a11add).\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized 2ef687e.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e","html_url":"https://github.com/EmilynnJ/generative-ai-for-beginners/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Fgenerative-ai-for-beginners/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"1.15.0","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-05-24T00:33:42.000Z","version_change":"1.15.0 → 1.16.3","issue":{"uuid":"4510028374","node_id":"PR_kwDOO5rMgM7etOKA","number":1,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T00:33:42.000Z","updated_at":"2026-05-24T00:34:14.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"ai","old_version":"4.1.36","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"uuid","old_version":"10.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.24.7","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"fast-xml-parser","old_version":"4.4.0","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"handlebars","old_version":"4.7.8","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"node-forge","old_version":"1.3.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"vm2","old_version":"3.9.19","new_version":"3.11.5","repository_url":"https://github.com/patriksimek/vm2"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `4.1.36` | `5.0.52` |\n| [uuid](https://github.com/uuidjs/uuid) | `10.0.0` | `14.0.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.24.7` | `7.29.4` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.0` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.9.19` | `3.11.5` |\n\nBumps the npm_and_yarn group with 2 updates in the /example directory: [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) and [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `ai` from 4.1.36 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/ai@5.0.52/packages/ai/CHANGELOG.md\"\u003eai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.52\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec56822d: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the \u003ccode\u003eUIMessageChunk\u003c/code\u003e type\u003c/li\u003e\n\u003cli\u003e930399b: fix(ai): download files when intermediate file cannot be downloaded\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [7ca78f1]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.29\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.51\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e27645bb: Export \u003ccode\u003eparseJsonEventStream\u003c/code\u003e and \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e from \u0026quot;ai\u0026quot; package\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [322901b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.28\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.50\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c5f403a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.27\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.49\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [e304478]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.26\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.48\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [4d3ff64]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.25\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.47\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c86e0f7]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [6bbae01]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/gateway\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.24\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.46\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/27645bb653b24dd7e285df7848154f86af309451\"\u003e\u003ccode\u003e27645bb\u003c/code\u003e\u003c/a\u003e Backport: Export \u003ccode\u003eparseJsonEventStream\u003c/code\u003e and \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e from \u0026quot;ai\u0026quot; ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/8b7f0d2eac987a0066befd46a0119d533b1e65e2\"\u003e\u003ccode\u003e8b7f0d2\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8843\"\u003e#8843\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/9eef1982d2d40e190300b3b02d7edafbf5a8b0af\"\u003e\u003ccode\u003e9eef198\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8831\"\u003e#8831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/20bca657c4ebd3cbef370e4a093818cbf0f84eca\"\u003e\u003ccode\u003e20bca65\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8799\"\u003e#8799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4254096b7ffb1d96e3f6a1926ccfffaa1799280f\"\u003e\u003ccode\u003e4254096\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/ai/issues/8753\"\u003e#8753\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/ai@5.0.52/packages/ai\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 10.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.24.7 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.4.0 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/b1b9f633ff30cb4708337355c2789f08bc0558d2\"\u003e\u003ccode\u003eb1b9f63\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/faccca126e1db96b90084adda6fbe2ea2ed434e7\"\u003e\u003ccode\u003efaccca1\u003c/code\u003e\u003c/a\u003e sync with v5.3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/ab00cdc49c681b44effbe95d6ee4392616a74aaa\"\u003e\u003ccode\u003eab00cdc\u003c/code\u003e\u003c/a\u003e update package bundle for minor fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/57c61876b47be10616ba47da904c8add26efcb58\"\u003e\u003ccode\u003e57c6187\u003c/code\u003e\u003c/a\u003e Update ReadMe\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/caeda37ebd919c799bf06ccf2f80d1e90e99d474\"\u003e\u003ccode\u003ecaeda37\u003c/code\u003e\u003c/a\u003e fix: emit full JSON string from CLI when no output filename specified (\u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v4.4.0...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.8 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `node-forge` from 1.3.1 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md\"\u003enode-forge's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0 - 2026-03-24\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Denial of Service in \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eA Denial of Service (DoS) vulnerability exists due to an infinite loop in\nthe \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e function (inherited from the bundled jsbn\nlibrary). When \u003ccode\u003emodInverse()\u003c/code\u003e is called with a zero value as input, the\ninternal Extended Euclidean Algorithm enters an unreachable exit condition,\ncausing the process to hang indefinitely and consume 100% CPU.\u003c/li\u003e\n\u003cli\u003eReported by Kr0emer.\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33891\"\u003eCVE-2026-33891\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx\"\u003eGHSA-5gfm-wpxj-wjgq\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in RSA-PKCS due to ASN.1 extra field.\n\u003cul\u003e\n\u003cli\u003eRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low\npublic exponent keys (e=3). Attackers can forge signatures by stuffing\n\u0026quot;garbage\u0026quot; bytes within the ASN.1 structure in order to construct a\nsignature that passes verification, enabling Bleichenbacher style forgery.\nThis issue is similar to CVE-2022-24771, but adds bytes in an addition\nfield within the ASN.1 structure, rather than outside of it.\u003c/li\u003e\n\u003cli\u003eAdditionally, forge does not validate that signatures include a minimum of\n8 bytes of padding as defined by the specification, providing attackers\nadditional space to construct Bleichenbacher forgeries.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33894\"\u003eCVE-2026-33894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\"\u003eGHSA-ppp5-5v6c-4jwp\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in Ed25519 due to missing S \u0026lt; L check.\n\u003cul\u003e\n\u003cli\u003eEd25519 signature verification accepts forged non-canonical signatures\nwhere the scalar S is not reduced modulo the group order (S \u0026gt;= L). A valid\nsignature and its S + L variant both verify in forge, while Node.js\ncrypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the\nspecification. This class of signature malleability has been exploited in\npractice to bypass authentication and authorization logic (see\nCVE-2026-25793, CVE-2022-35961). Applications relying on signature\nuniqueness (i.e., dedup by signature bytes, replay tracking, signed-object\ncanonicalization checks) may be bypassed.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33895\"\u003eCVE-2026-33895\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw\"\u003eGHSA-q67f-28xg-22rw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: \u003ccode\u003ebasicConstraints\u003c/code\u003e bypass in certificate chain verification.\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epki.verifyCertificateChain()\u003c/code\u003e does not enforce RFC 5280 \u003ccode\u003ebasicConstraints\u003c/code\u003e\nrequirements when an intermediate certificate lacks both the\n\u003ccode\u003ebasicConstraints\u003c/code\u003e and \u003ccode\u003ekeyUsage\u003c/code\u003e extensions. This allows any leaf\ncertificate (without these extensions) to act as a CA and sign other\ncertificates, which node-forge will accept as valid.\u003c/li\u003e\n\u003cli\u003eReported by Doruk Tan Ozturk (\u003ca href=\"https://github.com/peaktwilight\"\u003e\u003ccode\u003e@​peaktwilight\u003c/code\u003e\u003c/a\u003e) - doruk.ch\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33896\"\u003eCVE-2026-33896\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25\"\u003eGHSA-2328-f5f3-gj25\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/fa385f92440879601240020f158bed68e444e83a\"\u003e\u003ccode\u003efa385f9\u003c/code\u003e\u003c/a\u003e Release 1.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/07d4e162762ed4fdab5caca9ebf78237fcf85339\"\u003e\u003ccode\u003e07d4e16\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/cb90fd92091ee34e4abab3ad0c835eeea3d06c3e\"\u003e\u003ccode\u003ecb90fd9\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/963e7c5c7b0f03de1b28a1e5a42a6bafda4cf711\"\u003e\u003ccode\u003e963e7c5\u003c/code\u003e\u003c/a\u003e Add unit test for \u0026quot;pseudonym\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/f0b6f5b7c5d1c918240e975e0cade4f47d005446\"\u003e\u003ccode\u003ef0b6f5b\u003c/code\u003e\u003c/a\u003e Add pseudonym OID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/3df48a311d4b53dc6493b7a47a8d07f3669957d9\"\u003e\u003ccode\u003e3df48a3\u003c/code\u003e\u003c/a\u003e Fix missing CVE ID.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90\"\u003e\u003ccode\u003e2e49283\u003c/code\u003e\u003c/a\u003e Add x509 \u003ccode\u003ebasicConstraints\u003c/code\u003e check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85\"\u003e\u003ccode\u003ebdecf11\u003c/code\u003e\u003c/a\u003e Add canonical signature scaler check for S \u0026lt; L.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/af094e69c60ac5f7b29f2b1957c53ae5e12fd4a0\"\u003e\u003ccode\u003eaf094e6\u003c/code\u003e\u003c/a\u003e Add RSA padding and DigestInfo length checks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/796eeb1673f6ec636fda02dfc295047d9f7aefe0\"\u003e\u003ccode\u003e796eeb1\u003c/code\u003e\u003c/a\u003e Improve jsbn fix.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/digitalbazaar/forge/compare/v1.3.1...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vm2` from 3.9.19 to 3.11.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/releases\"\u003evm2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.11.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/patriksimek/vm2/issues/566\"\u003e#566\u003c/a\u003e\u003c/strong\u003e — Restore \u003ccode\u003eutil.inspect\u003c/code\u003e output on Node 26+. \u003ccode\u003econsole.log(vm.run(...))\u003c/code\u003e was rendering as \u003ccode\u003eProxy(Proxy({}))\u003c/code\u003e / \u003ccode\u003eProxy(Proxy([]))\u003c/code\u003e instead of the underlying value. Triggered by Node 26's stricter handling of nested proxies in the inspector.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/patriksimek/vm2/issues/567\"\u003e#567\u003c/a\u003e\u003c/strong\u003e — Restore array iteration on \u003ccode\u003evm.freeze()\u003c/code\u003e'd host arrays. Calling \u003ccode\u003e.map()\u003c/code\u003e / \u003ccode\u003e.filter()\u003c/code\u003e / \u003ccode\u003e.forEach()\u003c/code\u003e etc. inside the sandbox on a frozen host object containing arrays threw\n\u003ccode\u003eTypeError: 'isExtensible' on proxy: trap result does not reflect extensibility of proxy target\u003c/code\u003e. Regression from the 3.11.0 proxy-invariant hardening.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/patriksimek/vm2/pull/568\"\u003e#568\u003c/a\u003e\u003c/strong\u003e — Fix \u003ccode\u003e.node\u003c/code\u003e extension handler key in \u003ccode\u003elib/resolver.js\u003c/code\u003e (the key was \u003ccode\u003e' .node'\u003c/code\u003e with a leading space, so native addon resolution silently fell through to the default path). Thanks to \u003ca href=\"https://github.com/cherr-cc\"\u003e\u003ccode\u003e@​cherr-cc\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eUpgrade Notes\u003c/h2\u003e\n\u003cp\u003eDrop-in replacement for 3.11.4. No API or configuration changes.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.4...v3.11.5\"\u003ehttps://github.com/patriksimek/vm2/compare/v3.11.4...v3.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.4\u003c/h2\u003e\n\u003cp\u003eTen advisories closed. Patch release — no API changes for valid configurations.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-c4cf-2hgv-2qv6\u003c/strong\u003e — Bridge \u003ccode\u003eset\u003c/code\u003e trap ignoring ECMA-262 §9.5.9 \u003ccode\u003eReceiver\u003c/code\u003e, letting \u003ccode\u003eObject.create(hostObj)\u003c/code\u003e children and \u003ccode\u003eReflect.set(hostObj, k, v, custom)\u003c/code\u003e writes leak onto the host object (write-channel → RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-m5q2-4fm3-vfqp\u003c/strong\u003e — Cross-realm \u003ccode\u003eSymbol.for\u003c/code\u003e namespace leak + missing dangerous-symbol guards on the bridge's write traps (\u003ccode\u003eset\u003c/code\u003e / \u003ccode\u003edefineProperty\u003c/code\u003e / \u003ccode\u003edeleteProperty\u003c/code\u003e), enabling sandbox-installed \u003ccode\u003enodejs.util.promisify.custom\u003c/code\u003e / stream brand / webstream hooks on host objects (RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-v6mx-mf47-r5wg\u003c/strong\u003e — Host prototype mutation via \u003ccode\u003eFunction.prototype.{call,apply,bind}\u003c/code\u003e and \u003ccode\u003eReflect.{apply,construct}\u003c/code\u003e indirection through \u003ccode\u003eObject.prototype.__proto__\u003c/code\u003e setter, severing host intrinsic prototype chains and escaping via \u003ccode\u003ethisEnsureThis\u003c/code\u003e proto-walk fallthrough (RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-q3fm-4wcw-g57x\u003c/strong\u003e — Defense Invariant \u003ca href=\"https://redirect.github.com/patriksimek/vm2/issues/11\"\u003e#11\u003c/a\u003e violation in \u003ccode\u003edefaultSandboxPrepareStackTrace\u003c/code\u003e (second variant of GHSA-9qj6-qjgg-37qq in a different file): sandbox-installed \u003ccode\u003eArray.prototype[N]\u003c/code\u003e setter / \u003ccode\u003eArray.prototype.join\u003c/code\u003e override could observe bridge-internal stack-trace state.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-76w7-j9cq-rx2j\u003c/strong\u003e — Promise species hijack in \u003ccode\u003elocalPromise\u003c/code\u003e's swallow-tail, hijacking the downstream child constructor to capture V8's internal \u003ccode\u003e(resolve, reject)\u003c/code\u003e capability and reach a raw host-realm error → host \u003ccode\u003eFunction\u003c/code\u003e (RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-m4wx-m65x-ghrr\u003c/strong\u003e — NodeVM constructor patch bypass of GHSA-8hg8-63c5-gwmx: any truthy \u003ccode\u003enesting\u003c/code\u003e paired with a non-real-config \u003ccode\u003erequire\u003c/code\u003e produced a NESTING_OVERRIDE-only resolver → inner NodeVM with attacker-chosen \u003ccode\u003erequire\u003c/code\u003e → \u003ccode\u003echild_process\u003c/code\u003e RCE.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-6j2x-vhqr-qr7q\u003c/strong\u003e — WebAssembly JSPI (\u003ccode\u003eWebAssembly.promising\u003c/code\u003e / \u003ccode\u003eWebAssembly.Suspending\u003c/code\u003e, Node 24+ behind a flag, Node 26+ default) producing Promise objects with a host-realm \u003ccode\u003e[[Prototype]]\u003c/code\u003e chain and no bridge interposition; species hijack delivers a raw host-realm rejection to sandbox \u003ccode\u003e.catch\u003c/code\u003e → host \u003ccode\u003eFunction\u003c/code\u003e (RCE).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-rp36-8xq3-r6c4\u003c/strong\u003e — NodeVM builtin denylist bypass via \u003ccode\u003eprocess\u003c/code\u003e (whose \u003ccode\u003egetBuiltinModule(name)\u003c/code\u003e reloads any core module regardless of allow/deny config) and \u003ccode\u003einspector/promises\u003c/code\u003e (whose \u003ccode\u003eSession().post('Runtime.evaluate', ...)\u003c/code\u003e evaluates attacker JS in the host realm). Supersedes GHSA-947f-4v7f-x2v8.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-r9pm-gxmw-wv6p\u003c/strong\u003e — NodeVM \u003ccode\u003ebuiltin: ['*']\u003c/code\u003e wildcard exposing Node's undocumented underscored network builtins (\u003ccode\u003e_http_client\u003c/code\u003e, \u003ccode\u003e_http_server\u003c/code\u003e, \u003ccode\u003e_tls_*\u003c/code\u003e, \u003ccode\u003e_stream_*\u003c/code\u003e) even when the documented \u003ccode\u003e-http\u003c/code\u003e/\u003ccode\u003e-https\u003c/code\u003e/\u003ccode\u003e-net\u003c/code\u003e/\u003ccode\u003e-tls\u003c/code\u003e exclusions were used — SSR...\n\n_Description has been truncated_","html_url":"https://github.com/HarleyCoops/ai/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Fai/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.14.2","new_version":"1.16.3","update_type":"minor","path":"/storefront-UI-project","pr_created_at":"2026-05-21T00:33:19.000Z","version_change":"1.14.2 → 1.16.3","issue":{"uuid":"4490800286","node_id":"PR_kwDOHLC4Gs7dvnhb","number":3,"state":"open","title":"build(deps): bump serve-static and express in /storefront-UI-project","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-21T00:33:19.000Z","updated_at":"2026-05-21T00:33:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.14.2","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.17.3","new_version":"4.22.2"}],"path":"/storefront-UI-project","ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.14.2 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.2...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.3 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.3...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/eggheadio/egghead-projects/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/eggheadio/egghead-projects/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eggheadio%2Fegghead-projects/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"1.16.2","new_version":"1.16.3","update_type":"patch","path":null,"pr_created_at":"2026-05-19T16:11:40.000Z","version_change":"1.16.2 → 1.16.3","issue":{"uuid":"4479033558","node_id":"PR_kwDOEzH_b87dJlxJ","number":2257,"state":"closed","title":"Bump the npm_and_yarn group across 4 directories with 23 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T05:09:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T16:11:40.000Z","updated_at":"2026-05-22T05:10:04.000Z","time_to_close":219494,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":23,"packages":[{"name":"@babel/runtime","old_version":"7.27.1","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"semver","old_version":"6.3.1","new_version":"7.8.0","repository_url":"https://github.com/npm/node-semver"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"express","old_version":"4.21.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"path-to-regexp","old_version":"0.1.12","new_version":"0.1.13","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.5","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.9","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"serve-static","old_version":"1.16.2","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the /samples/app-localization/nodejs/client directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.27.1` | `7.29.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.1` |\n| [semver](https://github.com/npm/node-semver) | `6.3.1` | `7.8.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [express](https://github.com/expressjs/express) | `4.21.2` | `4.22.2` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `0.1.12` | `0.1.13` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.9` | `1.16.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.16.2` | `1.16.3` |\n\nBumps the npm_and_yarn group with 4 updates in the /samples/tab-add-in-combined/nodejs/add-in directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime), [js-yaml](https://github.com/nodeca/js-yaml), [semver](https://github.com/npm/node-semver) and [body-parser](https://github.com/expressjs/body-parser).\nBumps the npm_and_yarn group with 13 updates in the /samples/tab-add-in-combined/nodejs/tab directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.27.0` | `7.29.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.1` |\n| [semver](https://github.com/npm/node-semver) | `6.3.1` | `7.8.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [express](https://github.com/expressjs/express) | `4.21.2` | `4.22.2` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `0.1.12` | `0.1.13` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.9` | `1.16.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.16.2` | `1.16.3` |\n| [axios](https://github.com/axios/axios) | `1.8.4` | `1.16.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n\nBumps the npm_and_yarn group with 16 updates in the /samples/tab-staggered-permission/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.7` | `1.16.0` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `removed` |\n| [@azure/msal-node](https://github.com/AzureAD/microsoft-authentication-library-for-js) | `1.9.0` | `1.18.4` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n\n\nUpdates `@babel/runtime` from 7.27.1 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f68ac511f091f6d1f698e8ce59cd668d3bfc6102\"\u003e\u003ccode\u003ef68ac51\u003c/code\u003e\u003c/a\u003e chore: Avoid CITGM errors (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17382\"\u003e#17382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110\"\u003e\u003ccode\u003ebaa4cb8\u003c/code\u003e\u003c/a\u003e v7.27.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/7d069309fdfcedda2928a043f6f7c98135c1242a\"\u003e\u003ccode\u003e7d06930\u003c/code\u003e\u003c/a\u003e v7.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/5b9468d9bf1ab4f427241673e9f03593da115a69\"\u003e\u003ccode\u003e5b9468d\u003c/code\u003e\u003c/a\u003e Reduce \u003ccode\u003eregenerator\u003c/code\u003e size more (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17287\"\u003e#17287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cb78b5b50e327e27467086cf8bbe196bda7cea9b\"\u003e\u003ccode\u003ecb78b5b\u003c/code\u003e\u003c/a\u003e [babel 8] Do not replace global \u003ccode\u003eregeneratorRuntime\u003c/code\u003e references in regenerato...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/runtime\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 6.3.1 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/efa4be6096c1f9b77d9d27d6132f6220c43b4e31\"\u003e\u003ccode\u003eefa4be6\u003c/code\u003e\u003c/a\u003e chore: release 7.8.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/847\"\u003e#847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply@5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e fix: Warn when defaulting to --inc=patch in CLI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e feat: Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e docs: fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e docs: fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5993c2e42bdf17c5f03e6360da51bc707fcee460\"\u003e\u003ccode\u003e5993c2e\u003c/code\u003e\u003c/a\u003e chore: release 7.7.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e deps: \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.29.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/node-semver/compare/v6.3.1...v7.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for semver since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.1 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.21.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.12 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.7 / 2015-07-28\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression with escaped round brackets and matching groups.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.6 / 2015-06-19\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eReplace \u003ccode\u003eindex\u003c/code\u003e feature by outputting all parameters, unnamed and named.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.5 / 2015-05-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdd an index property for position in match result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.4 / 2015-03-05\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdd license information\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.3 / 2014-07-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBetter array support\u003c/li\u003e\n\u003cli\u003eImproved support for trailing slash in non-ending mode\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.1.0 / 2014-03-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eadd options.end\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.0.2 / 2013-02-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to match current express\u003c/li\u003e\n\u003cli\u003eadd .license property to component.json\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 5.1.6 to 5.1.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare vi...\n\n_Description has been truncated_","html_url":"https://github.com/OfficeDev/Microsoft-Teams-Samples/pull/2257","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OfficeDev%2FMicrosoft-Teams-Samples/issues/2257","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2257/packages"}},{"old_version":"1.16.3","new_version":"2.2.1","update_type":"major","path":null,"pr_created_at":"2026-05-18T23:10:58.000Z","version_change":"1.16.3 → 2.2.1","issue":{"uuid":"4473194387","node_id":"PR_kwDON_zH6c7c2y4n","number":48,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":20,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T23:10:58.000Z","updated_at":"2026-05-19T00:10:36.588Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"axios","old_version":"1.15.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"express","old_version":"4.22.1","new_version":"5.2.1","repository_url":"https://github.com/expressjs/express"},{"name":"body-parser","old_version":"1.20.4","new_version":"2.2.2"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2"},{"name":"send","old_version":"0.19.2","new_version":"1.2.1"},{"name":"serve-static","old_version":"1.16.3","new_version":"2.2.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the / directory: [axios](https://github.com/axios/axios) and [express](https://github.com/expressjs/express).\n\nUpdates `axios` from 1.15.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.22.1 to 5.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 5.2.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6933\"\u003eexpressjs/express#6933\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v5.2.0...v5.2.1\"\u003ehttps://github.com/expressjs/express/compare/v5.2.0...v5.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6429\"\u003eexpressjs/express#6429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor: simplify \u003ccode\u003eacceptsLanguages\u003c/code\u003e implementation using spread operator by \u003ca href=\"https://github.com/Ayoub-Mabrouk\"\u003e\u003ccode\u003e@​Ayoub-Mabrouk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6137\"\u003eexpressjs/express#6137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eincreased code coverage of utils.js file by \u003ca href=\"https://github.com/ashish3011\"\u003e\u003ccode\u003e@​ashish3011\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6386\"\u003eexpressjs/express#6386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove duplicate word by \u003ca href=\"https://github.com/dufucun\"\u003e\u003ccode\u003e@​dufucun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6456\"\u003eexpressjs/express#6456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6498\"\u003eexpressjs/express#6498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6497\"\u003eexpressjs/express#6497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6496\"\u003eexpressjs/express#6496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6504\"\u003eexpressjs/express#6504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update codeql config by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6488\"\u003eexpressjs/express#6488\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6512\"\u003eexpressjs/express#6512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typos in test by \u003ca href=\"https://github.com/noritaka1166\"\u003e\u003ccode\u003e@​noritaka1166\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6535\"\u003eexpressjs/express#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: disable credential persistence for checkout actions by \u003ca href=\"https://github.com/mertssmnoglu\"\u003e\u003ccode\u003e@​mertssmnoglu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6522\"\u003eexpressjs/express#6522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: allow manual triggering of workflow by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6515\"\u003eexpressjs/express#6515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: add coverage for app.listen() variants by \u003ca href=\"https://github.com/kgarg1\"\u003e\u003ccode\u003e@​kgarg1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6476\"\u003eexpressjs/express#6476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: move documentation and charters to the discussions and .github … by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6427\"\u003eexpressjs/express#6427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6549\"\u003eexpressjs/express#6549\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6548\"\u003eexpressjs/express#6548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: enforce explicit \u003ccode\u003eBuffer\u003c/code\u003e import and add lint rule by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6525\"\u003eexpressjs/express#6525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: use node protocol for querystring by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6520\"\u003eexpressjs/express#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typo by \u003ca href=\"https://github.com/mountdisk\"\u003e\u003ccode\u003e@​mountdisk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6609\"\u003eexpressjs/express#6609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6618\"\u003eexpressjs/express#6618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd deprecation warnings for redirect arguments undefined by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6405\"\u003eexpressjs/express#6405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: run CI when the markdown changes by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6632\"\u003eexpressjs/express#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: fix CONTRIBUTING link by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6653\"\u003eexpressjs/express#6653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: update contributing guidelines and code of conduct links by \u003ca href=\"https://github.com/ShubhamOulkar\"\u003e\u003ccode\u003e@​ShubhamOulkar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6601\"\u003eexpressjs/express#6601\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump morgan from 1.10.0 to 1.10.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6679\"\u003eexpressjs/express#6679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump cookie-session from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6678\"\u003eexpressjs/express#6678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elint: add --fix flag to automatic fix linting issue by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6644\"\u003eexpressjs/express#6644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: ignore yarn.lock file and update example by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6588\"\u003eexpressjs/express#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elib: use req.socket over deprecated req.connection by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6705\"\u003eexpressjs/express#6705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: update express app example by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6718\"\u003eexpressjs/express#6718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6675\"\u003eexpressjs/express#6675\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove history.md from being packaged on publish by \u003ca href=\"https://github.com/sheplu\"\u003e\u003ccode\u003e@​sheplu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6780\"\u003eexpressjs/express#6780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/master/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.2.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.2.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003ebody-parser@^2.2.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eA deprecation warning was added when using \u003ccode\u003eres.redirect\u003c/code\u003e with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.1.0 / 2025-03-31\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003eUint8Array\u003c/code\u003e in \u003ccode\u003eres.send()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for ETag option in \u003ccode\u003eres.sendFile()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for multiple links with the same rel in \u003ccode\u003eres.links()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd funding field to package.json\u003c/li\u003e\n\u003cli\u003eperf: use loop for acceptParams\u003c/li\u003e\n\u003cli\u003erefactor: prefix built-in node module imports\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003esetprototypeof\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003esafe-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003eutils-merge\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003emethods\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: remove \u003ccode\u003edepd\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003edebug@^4.4.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003ebody-parser@^2.2.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003erouter@^2.2.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003econtent-type@^1.0.5\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003efinalhandler@^2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003eqs@^6.14.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003eserver-static@2.2.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003etype-is@2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.0.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003ecookie\u003c/code\u003e semver lock to address \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.0.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eremove:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epath-is-absolute\u003c/code\u003e dependency - use \u003ccode\u003epath.isAbsolute\u003c/code\u003e instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ebreaking:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eres.status()\u003c/code\u003e accepts only integers, and input must be greater than 99 and less than 1000\n\u003cul\u003e\n\u003cli\u003ewill throw a \u003ccode\u003eRangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.\u003c/code\u003e for inputs outside this range\u003c/li\u003e\n\u003cli\u003ewill throw a \u003ccode\u003eTypeError: Invalid status code: ${code}. Status code must be an integer.\u003c/code\u003e for non integer inputs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@1.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dbac741a49a5a64336b70c06e85c2e2706e36336\"\u003e\u003ccode\u003edbac741\u003c/code\u003e\u003c/a\u003e 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/697547cde621d8b0a47b4fff6e98b29337f8c980\"\u003e\u003ccode\u003e697547c\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/4007ad103ba29f6426b2ec9eccfb1ceb792682a8\"\u003e\u003ccode\u003e4007ad1\u003c/code\u003e\u003c/a\u003e Release: 5.2.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6920\"\u003e#6920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/2f64f68c37c64ae333e41ff38032d21860f22255\"\u003e\u003ccode\u003e2f64f68\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/ed0ba3f1dc905d6b62eabf23bd383abcae4901ba\"\u003e\u003ccode\u003eed0ba3f\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6928\"\u003e#6928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8eace4603cb2547608578a4fbb259dc984216f71\"\u003e\u003ccode\u003e8eace46\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.31.2 to 4.31.6 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6929\"\u003e#6929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/30bae810279b2ea162bed5b14ce6c35a110a87f5\"\u003e\u003ccode\u003e30bae81\u003c/code\u003e\u003c/a\u003e build(deps): bump coverallsapp/github-action from 2.3.6 to 2.3.7 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6930\"\u003e#6930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/758d4355d45322b4c8cd347ebcefbf3b154c7e7f\"\u003e\u003ccode\u003e758d435\u003c/code\u003e\u003c/a\u003e deps: body-parser@^2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6922\"\u003e#6922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/77bcd5274a87047e5b3fe2f17f6c342db3909c53\"\u003e\u003ccode\u003e77bcd52\u003c/code\u003e\u003c/a\u003e docs: update emeritus triagers (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6890\"\u003e#6890\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f33caf1f89a028f0ea98ff5a156a68e65a2eabdd\"\u003e\u003ccode\u003ef33caf1\u003c/code\u003e\u003c/a\u003e Nominate to \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e for triage team (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6888\"\u003e#6888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v5.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.4 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.0 / 2025-03-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor: normalize common options for all parsers\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003eiconv-lite@^0.6.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.1.0 / 2025-02-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.0\u003c/li\u003e\n\u003cli\u003edebug@^4.4.0\u003c/li\u003e\n\u003cli\u003eRemoved destroy\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003erefactor: prefix built-in node module imports\u003c/li\u003e\n\u003cli\u003euse the node require cache instead of custom caching\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.0.2 / 2024-10-31\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eremove \u003ccode\u003eunpipe\u003c/code\u003e package and use native \u003ccode\u003eunpipe()\u003c/code\u003e method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.0.1 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore expected behavior \u003ccode\u003eextended\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.0.0 / 2024-09-10\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode.js 18 is the minimum supported version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.19.2 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add CodeQl (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/250\"\u003epillarjs/send#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/255\"\u003epillarjs/send#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[StepSecurity] Apply security best practices by \u003ca href=\"https://github.com/step-security-bot\"\u003e\u003ccode\u003e@​step-security-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/256\"\u003epillarjs/send#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/265\"\u003epillarjs/send#265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 2.23.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/266\"\u003epillarjs/send#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/257\"\u003epillarjs/send#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/269\"\u003epillarjs/send#269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.29.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/268\"\u003epillarjs/send#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/267\"\u003epillarjs/send#267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.11 to 4.31.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/278\"\u003epillarjs/send#278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/277\"\u003epillarjs/send#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/276\"\u003epillarjs/send#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/275\"\u003epillarjs/send#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/272\"\u003epillarjs/send#272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/262\"\u003epillarjs/send#262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump supertest from 6.2.2 to 6.3.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/260\"\u003epillarjs/send#260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/283\"\u003epillarjs/send#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.31.2 to 4.31.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/282\"\u003epillarjs/send#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove HISTORY.md from tarball by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/285\"\u003epillarjs/send#285\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add Node.js 25 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/284\"\u003epillarjs/send#284\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependency ranges to latest versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/286\"\u003epillarjs/send#286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.2.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/281\"\u003epillarjs/send#281\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security-bot\"\u003e\u003ccode\u003e@​step-security-bot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/256\"\u003epillarjs/send#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/266\"\u003epillarjs/send#266\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/1.2.0...1.2.1\"\u003ehttps://github.com/pillarjs/send/compare/1.2.0...1.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): updated dependency \u003ccode\u003efresh\u003c/code\u003e to v2 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/247\"\u003epillarjs/send#247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove obsolete dependency \u003ccode\u003edestroy\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/245\"\u003epillarjs/send#245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: remove security file by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/248\"\u003epillarjs/send#248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: update \u003ccode\u003emime-types\u003c/code\u003e to v3.0.1 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/251\"\u003epillarjs/send#251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update ci workflow and remove appveyor by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/249\"\u003epillarjs/send#249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor:  remove \u003ccode\u003egetHeaderNames()\u003c/code\u003e polyfill and refactor \u003ccode\u003eclearHeaders()\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/243\"\u003epillarjs/send#243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease 1.2.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/252\"\u003epillarjs/send#252\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/247\"\u003epillarjs/send#247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/248\"\u003epillarjs/send#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/1.1.0...1.2.0\"\u003ehttps://github.com/pillarjs/send/compare/1.1.0...1.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.2.1 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMinor changes (package metadata)\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edebug@^4.4.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ehttp-errors@^2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003emime-types@^3.0.2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatuses@^2.0.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.2.0 / 2025-03-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003emime-types@^3.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003efresh@^2.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eremoved \u003ccode\u003edestroy\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eremove \u003ccode\u003egetHeaderNames()\u003c/code\u003e polyfill and refactor \u003ccode\u003eclearHeaders()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.1.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eChanges from 0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.0.0 / 2024-07-25\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Node.js \u0026lt;18.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatuses@^2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003erange-parser@^1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eon-finished@^2.4.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ems@^2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003emime-types@^2.1.35\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ehttp-errors@^2.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003efresh@^0.5.2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eetag@^1.8.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eescape-html@^1.0.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eencodeurl@^2.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edestroy@^1.2.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edebug@^4.3.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.0.0-beta.2 / 2024-03-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eChanges from 0.18.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.0.0-beta.1 / 2022-02-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Node.js 0.8\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/096a6148bea0b82ca974fe0016e6eac280869249\"\u003e\u003ccode\u003e096a614\u003c/code\u003e\u003c/a\u003e 1.2.1 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/861e3c609c52669c79ef7e5e268cc3d6a51f6912\"\u003e\u003ccode\u003e861e3c6\u003c/code\u003e\u003c/a\u003e chore: update depenency ranges to latest versions (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/a40fcd4aef752bc0540234e36d5f3e6a1e384852\"\u003e\u003ccode\u003ea40fcd4\u003c/code\u003e\u003c/a\u003e ci: add Node.js 25 to test matrix (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/7740dde70eb61547c87089b53619089a5c911502\"\u003e\u003ccode\u003e7740dde\u003c/code\u003e\u003c/a\u003e chore: remove HISTORY.md from tarball (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/285\"\u003e#285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f532f4115fc6c92ade88c5abe83297d64a39e515\"\u003e\u003ccode\u003ef532f41\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.31.2 to 4.31.5 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f9b651ff01c8761b7ec0ddefcc92baa19789c7eb\"\u003e\u003ccode\u003ef9b651f\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/db2558b7bd3fe7f183e54e50bc753a725822755a\"\u003e\u003ccode\u003edb2558b\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump supertest from 6.2.2 to 6.3.4 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/136fcf6465495db3e8b55d9463721e12613333af\"\u003e\u003ccode\u003e136fcf6\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/262\"\u003e#262\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/fac9c3f6af95e55d93966a334c2565f434fff6a7\"\u003e\u003ccode\u003efac9c3f\u003c/code\u003e\u003c/a\u003e build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/cd0c2535f31100a4224c82deb32e93e3b07b0ac1\"\u003e\u003ccode\u003ecd0c253\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/setup-node from 4 to 6 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.2...1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.16.3 to 2.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/202\"\u003eexpressjs/serve-static#202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/201\"\u003eexpressjs/serve-static#201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/204\"\u003eexpressjs/serve-static#204\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/205\"\u003eexpressjs/serve-static#205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/209\"\u003eexpressjs/serve-static#209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/210\"\u003eexpressjs/serve-static#210\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/211\"\u003eexpressjs/serve-static#211\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/212\"\u003eexpressjs/serve-static#212\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/213\"\u003eexpressjs/serve-static#213\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/216\"\u003eexpressjs/serve-static#216\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/226\"\u003eexpressjs/serve-static#226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/225\"\u003eexpressjs/serve-static#225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 4.31.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/224\"\u003eexpressjs/serve-static#224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR updates 6 npm dependencies across the project, including major version bumps for axios (1.15.0→1.15.2) and express (4.22.0→5.2.1), along with 4 indirect dependency updates to enhance security and maintain compatibility.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Axios Update**: Upgraded from 1.15.0 to 1.15.2 with critical security fixes for prototype pollution, SSRF vulnerabilities, and memory leaks\n- **Express Major Version**: Updated from 4.22.0 to 5.2.1, representing a major version upgrade with breaking changes and new features\n- **Indirect Dependencies**: Updated body-parser (1.20.4→2.2.2), qs (6.14.2→6.15.2), send (0.19.2→1.2.1), and serve-static (1.16.3→2.2.1)\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[package.json] --\u003e B[Direct Dependencies]\n    A --\u003e C[Indirect Dependencies]\n    B --\u003e D[axios ^1.15.2]\n    B --\u003e E[express ^5.2.1]\n    C --\u003e F[body-parser 2.2.2]\n    C --\u003e G[qs 6.15.2]\n    C --\u003e H[send 1.2.1]\n    C --\u003e I[serve-static 2.2.1]\n    \n    D --\u003e J[Security Fixes]\n    E --\u003e K[Breaking Changes]\n    F --\u003e L[CVE Patches]\n    \n    J --\u003e M[Prototype Pollution Protection]\n    J --\u003e N[SSRF Mitigation]\n    J --\u003e O[Memory Leak Fixes]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including prototype pollution, SSRF vulnerabilities, and authentication bypass issues\n- **Breaking Changes**: Express 5.x introduces breaking changes that may require code modifications for status code handling and deprecated features\n- **Performance Improvements**: Memory leak fixes in axios and optimizations across updated dependencies improve application stability\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/llama-fs/pull/48","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fllama-fs/issues/48","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/48/packages"}},{"old_version":"1.15.0","new_version":"1.16.3","update_type":"minor","path":"/src","pr_created_at":"2026-05-09T06:09:29.000Z","version_change":"1.15.0 → 1.16.3","issue":{"uuid":"4411419075","node_id":"PR_kwDOIVmTkc7ZysX_","number":14,"state":"closed","title":"Bump serve-static and express in /src","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-09T06:11:10.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-09T06:09:29.000Z","updated_at":"2026-05-09T06:11:11.000Z","time_to_close":101,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.18.1","new_version":"4.22.1"}],"path":"/src","ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.1 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.1...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lombaardj/containerapps-albumui/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/lombaardj/containerapps-albumui/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lombaardj%2Fcontainerapps-albumui/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"1.15.0","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-05-07T00:48:43.000Z","version_change":"1.15.0 → 1.16.3","issue":{"uuid":"4395367703","node_id":"PR_kwDOMh9OFc7Y-Grf","number":2,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-07T00:48:51.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-07T00:48:43.000Z","updated_at":"2026-05-07T00:48:53.000Z","time_to_close":8,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"express","old_version":"4.19.2","new_version":"4.22.0","repository_url":"https://github.com/expressjs/express"},{"name":"nanoid","old_version":"5.0.7","new_version":"5.0.9","repository_url":"https://github.com/ai/nanoid"},{"name":"cookie","old_version":"0.6.0","new_version":"0.7.2"},{"name":"path-to-regexp","old_version":"0.1.7","new_version":"0.1.13"},{"name":"qs","old_version":"6.11.0","new_version":"6.14.2"},{"name":"send","old_version":"0.18.0","new_version":"0.19.2"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"tar","old_version":"6.2.1","new_version":"7.5.14"},{"name":"tar-fs","old_version":"2.1.1","new_version":"2.1.4"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the / directory: [express](https://github.com/expressjs/express), [nanoid](https://github.com/ai/nanoid) and [@tootallnate/once](https://github.com/TooTallNate/once).\n\nUpdates `express` from 4.19.2 to 4.22.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003e\u0026quot;back\u0026quot;\u003c/code\u003e magic string in redirects by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5935\"\u003eexpressjs/express#5935\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efinalhandler@1.3.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5954\"\u003eexpressjs/express#5954\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): serve-static@1.16.2 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5951\"\u003eexpressjs/express#5951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgraded dependency qs to 6.13.0 to match qs in body-parser by \u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/4.22.0/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eWill be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/3a5edfaff06f1a2c7079b08d0635108b371eddfd\"\u003e\u003ccode\u003e3a5edfa\u003c/code\u003e\u003c/a\u003e fix(ci): updated github actions ci workflow (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6323\"\u003e#6323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/52d978119a7af27667cce5d99ac0739dc269d818\"\u003e\u003ccode\u003e52d9781\u003c/code\u003e\u003c/a\u003e fix(test): add test for method routes without paths \u003ca href=\"https://redirect.github.com/expressjs/express/issues/5955\"\u003e#5955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.19.2...4.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nanoid` from 5.0.7 to 5.0.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/releases\"\u003enanoid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a way to break Nano ID by passing non-integer size (by \u003ca href=\"https://github.com/myndzi\"\u003e\u003ccode\u003e@​myndzi\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced \u003ccode\u003ecustomAlphabet\u003c/code\u003e size (by \u003ca href=\"https://github.com/kirillgroshkov\"\u003e\u003ccode\u003e@​kirillgroshkov\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/blob/main/CHANGELOG.md\"\u003enanoid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a way to break Nano ID by passing non-integer size (by \u003ca href=\"https://github.com/myndzi\"\u003e\u003ccode\u003e@​myndzi\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced \u003ccode\u003ecustomAlphabet\u003c/code\u003e size (by \u003ca href=\"https://github.com/kirillgroshkov\"\u003e\u003ccode\u003e@​kirillgroshkov\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/65a38ac63a0709c420b9de30b15511b84e87c423\"\u003e\u003ccode\u003e65a38ac\u003c/code\u003e\u003c/a\u003e Release 5.0.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/b00d120d7a88ef045df0835c89fed6bf29b26bda\"\u003e\u003ccode\u003eb00d120\u003c/code\u003e\u003c/a\u003e Merge after 3.3.8 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/3044cd5e73f4cf31795f61f6e6b961c8c0a5c744\"\u003e\u003ccode\u003e3044cd5\u003c/code\u003e\u003c/a\u003e Release 3.3.8 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/cdc3edc2f57652d97e566acecef7f1bb0f4650db\"\u003e\u003ccode\u003ecdc3edc\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/4fe34959c34e5b3573889ed4f24fe91d1d3e7231\"\u003e\u003ccode\u003e4fe3495\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/d643045f40d6dc8afa000a644d857da1436ed08c\"\u003e\u003ccode\u003ed643045\u003c/code\u003e\u003c/a\u003e Fix pool pollution, infinite loop (\u003ca href=\"https://redirect.github.com/ai/nanoid/issues/510\"\u003e#510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/0daa00f68acc2f958ba19f73ddef700ce4049ab7\"\u003e\u003ccode\u003e0daa00f\u003c/code\u003e\u003c/a\u003e Additional fixes and tests for \u003ca href=\"https://redirect.github.com/ai/nanoid/issues/508\"\u003e#508\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ai/nanoid/issues/509\"\u003e#509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/313a14eb0e0557adba8a00d22b66f6a41a8b1cee\"\u003e\u003ccode\u003e313a14e\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/eb2db95a181c1cd42580f1c5ff88e455ad03ffb7\"\u003e\u003ccode\u003eeb2db95\u003c/code\u003e\u003c/a\u003e Fix size limit and linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/9da8f607e1ebaae1aac73c9ba7fb199b5a4592f6\"\u003e\u003ccode\u003e9da8f60\u003c/code\u003e\u003c/a\u003e Fix pool pollution, infinite loop (\u003ca href=\"https://redirect.github.com/ai/nanoid/issues/508\"\u003e#508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ai/nanoid/compare/5.0.7...5.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@tootallnate/once`\n\nUpdates `cookie` from 0.6.0 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport non-lookahead regex output\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow a non-lookahead regex (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/312\"\u003e#312\u003c/a\u003e)  c4272e4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\"\u003ehttps://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport named matching groups in \u003ccode\u003eRegExp\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for named matching groups (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/301\"\u003e#301\u003c/a\u003e)  114f62d\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/640e694c6fd971f78268439df9cf44040855e669\"\u003e\u003ccode\u003e640e694\u003c/code\u003e\u003c/a\u003e 0.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4\"\u003e\u003ccode\u003ef01c26a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/0c7119248b7cb528a0aea3ba45ed4e2db007cba4\"\u003e\u003ccode\u003e0c71192\u003c/code\u003e\u003c/a\u003e 0.1.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8f095497d678c2ec3495a99ab3928748731e73ee\"\u003e\u003ccode\u003e8f09549\u003c/code\u003e\u003c/a\u003e Add error on bad input values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868\"\u003e\u003ccode\u003ec827fce\u003c/code\u003e\u003c/a\u003e 0.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f\"\u003e\u003ccode\u003e29b96b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to parameters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7\"\u003e\u003ccode\u003eac4c234\u003c/code\u003e\u003c/a\u003e Update repo url (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53\"\u003e\u003ccode\u003ebdb6635\u003c/code\u003e\u003c/a\u003e 0.1.9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.0 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.0...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.18.0 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 6.2.1 to 7.5.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/d6611ae951056addb77c6e11baf7bcc9d7648e46\"\u003e\u003ccode\u003ed6611ae\u003c/code\u003e\u003c/a\u003e 7.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/119c401f4f7efbeb112d28f9dfc9c489674c9a79\"\u003e\u003ccode\u003e119c401\u003c/code\u003e\u003c/a\u003e fix(extract): prevent raced symlink writes outside cwd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2a294d3fbb24c18dc80f31059f49dd9af15653fe\"\u003e\u003ccode\u003e2a294d3\u003c/code\u003e\u003c/a\u003e 7.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/01082a42c3256ca6054f9627911cce4dbfe00d92\"\u003e\u003ccode\u003e01082a4\u003c/code\u003e\u003c/a\u003e fix: reject top promise on floating addFilesAsync rejections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/dd1c36ab7acff26e5a34935d17f27a45bb088db3\"\u003e\u003ccode\u003edd1c36a\u003c/code\u003e\u003c/a\u003e linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/35a1ffe73eb4aa05cd2613f8fdcfb4c9c9ed59f9\"\u003e\u003ccode\u003e35a1ffe\u003c/code\u003e\u003c/a\u003e doc: more clarity in security warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v6.2.1...v7.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 2.1.1 to 2.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/f421a235565b6a6d305bdf87e999ebdfae9dd1cc\"\u003e\u003ccode\u003ef421a23\u003c/code\u003e\u003c/a\u003e 2.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c412fa130e216d4c01392f6fb62c8725c1a4ac8b\"\u003e\u003ccode\u003ec412fa1\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/4b7e8688a54268b7c3268848504167635050aa10\"\u003e\u003ccode\u003e4b7e868\u003c/code\u003e\u003c/a\u003e 2.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/266194b94b5ab0b6c2ad2739e4247970dbd1e7ba\"\u003e\u003ccode\u003e266194b\u003c/code\u003e\u003c/a\u003e hardlink tweak from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/d97731b0e1b8a244ab859784b514cfcf5585ad3d\"\u003e\u003ccode\u003ed97731b\u003c/code\u003e\u003c/a\u003e 2.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/fd1634e869e7c5f85948e95eabdaa8451a085de5\"\u003e\u003ccode\u003efd1634e\u003c/code\u003e\u003c/a\u003e symlink tweak from main\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v2.1.1...v2.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ZhongRuoyu/shorten.js/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ZhongRuoyu/shorten.js/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZhongRuoyu%2Fshorten.js/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"1.13.2","new_version":"1.16.3","update_type":"minor","path":"the npm_and_yarn group across 0 directory","pr_created_at":"2026-05-03T16:21:29.000Z","version_change":"1.13.2 → 1.16.3","issue":{"uuid":"4372318791","node_id":"PR_kwDOLCages7Xy6_K","number":11,"state":"closed","title":"Bump serve-static from 1.13.2 to 1.16.3 in the npm_and_yarn group across 0 directory","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-03T17:06:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-03T16:21:29.000Z","updated_at":"2026-05-03T17:07:00.000Z","time_to_close":2729,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","old_version":"1.13.2","new_version":"1.16.3","repository_url":null}],"path":"the npm_and_yarn group across 0 directory","ecosystem":"npm"},"body":"Updates `serve-static` from 1.13.2 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.1 / 2019-05-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSet stricter CSP header in redirect response\u003c/li\u003e\n\u003cli\u003edeps: send@0.17.1\n\u003cul\u003e\n\u003cli\u003edeps: range-parser@~1.2.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.0 / 2019-05-07\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.13.2...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serve-static\u0026package-manager=npm_and_yarn\u0026previous-version=1.13.2\u0026new-version=1.16.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bramp/ninaandandrew.com/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bramp/ninaandandrew.com/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bramp%2Fninaandandrew.com/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"}},{"old_version":"1.14.1","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-04-20T18:13:48.000Z","version_change":"1.14.1 → 1.16.3","issue":{"uuid":"4297748196","node_id":"PR_kwDONygq0c7UDWSa","number":71,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 4 directories with 5 updates","user":"dependabot[bot]","labels":["needs-review","dependencies","javascript","no-pr-activity"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-20T18:13:48.000Z","updated_at":"2026-05-27T09:52:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":5,"packages":[{"name":"ansi-regex","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"ansi-regex","old_version":"5.0.0","new_version":"5.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"send","old_version":"0.17.1","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps the npm_and_yarn group with 4 updates in the / directory: [ansi-regex](https://github.com/chalk/ansi-regex), [brace-expansion](https://github.com/juliangruber/brace-expansion), [send](https://github.com/pillarjs/send) and [serve-static](https://github.com/expressjs/serve-static).\nBumps the npm_and_yarn group with 1 update in the /07-building-chat-applications/typescript/chat-completions-app directory: [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /08-building-search-applications/typescript/search-app directory: [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /11-integrating-with-function-calling/typescript/function-app directory: [picomatch](https://github.com/micromatch/picomatch).\n\nUpdates `ansi-regex` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/64735d25eb839b55bc9fae3877edb702b4c92ca2\"\u003e\u003ccode\u003e64735d2\u003c/code\u003e\u003c/a\u003e v4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a\"\u003e\u003ccode\u003e75a657d\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 5.0.0 to 5.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/64735d25eb839b55bc9fae3877edb702b4c92ca2\"\u003e\u003ccode\u003e64735d2\u003c/code\u003e\u003c/a\u003e v4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a\"\u003e\u003ccode\u003e75a657d\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.17.1 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.18.0 / 2022-03-23\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.17.2 / 2021-12-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003cli\u003edeps: http-errors@1.8.1\n\u003cul\u003e\n\u003cli\u003edeps: inherits@2.0.4\u003c/li\u003e\n\u003cli\u003edeps: toidentifier@1.0.1\u003c/li\u003e\n\u003cli\u003edeps: setprototypeof@1.2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/b69cbb3dc4c09c37917d08a4c13fcd1bac97ade5\"\u003e\u003ccode\u003eb69cbb3\u003c/code\u003e\u003c/a\u003e 0.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f53edbb7f4f7ebdd936d3d714d84d52f2d3d00f3\"\u003e\u003ccode\u003ef53edbb\u003c/code\u003e\u003c/a\u003e Limit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/706d6ddf0d3c8a9248fc1edbc3ff60bbc6ad7b93\"\u003e\u003ccode\u003e706d6dd\u003c/code\u003e\u003c/a\u003e docs: add security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/b690ba4bd149d20fa6687ee6298fb6aede5b21d7\"\u003e\u003ccode\u003eb690ba4\u003c/code\u003e\u003c/a\u003e docs: fix linux build badge link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/send/compare/0.17.1...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues...\n\n_Description has been truncated_","html_url":"https://github.com/asleekgeek/generative-ai-for-beginners/pull/71","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/asleekgeek%2Fgenerative-ai-for-beginners/issues/71","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/71/packages"}},{"old_version":"1.15.0","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-04-17T22:30:20.000Z","version_change":"1.15.0 → 1.16.3","issue":{"uuid":"4285659402","node_id":"PR_kwDOIaVK487Td3BY","number":6,"state":"open","title":"Bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-17T22:30:20.000Z","updated_at":"2026-04-17T22:30:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.18.2","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/marcilio-freitas27/app-vercel-teste/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/marcilio-freitas27/app-vercel-teste/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcilio-freitas27%2Fapp-vercel-teste/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"1.15.0","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-04-17T01:34:26.000Z","version_change":"1.15.0 → 1.16.3","issue":{"uuid":"4279556964","node_id":"PR_kwDOMkUSms7TKNDp","number":1,"state":"open","title":"chore(deps): Bump the npm_and_yarn group across 1 directory with 30 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-17T01:34:26.000Z","updated_at":"2026-04-17T01:35:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"npm_and_yarn","update_count":30,"packages":[{"name":"mongoose","old_version":"8.5.3","new_version":"8.9.5","repository_url":"https://github.com/Automattic/mongoose"},{"name":"next","old_version":"14.2.5","new_version":"16.2.4","repository_url":"https://github.com/vercel/next.js"},{"name":"next-auth","old_version":"4.24.7","new_version":"4.24.12","repository_url":"https://github.com/nextauthjs/next-auth"},{"name":"@babel/helpers","old_version":"7.25.0","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"base-x","old_version":"3.0.10","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"base-x","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"glob","old_version":"10.4.5","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"@stablelib/ed25519","old_version":"1.0.3","new_version":"removed","repository_url":"https://github.com/StableLib/stablelib"},{"name":"bn.js","old_version":"5.2.1","new_version":"5.2.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"defu","old_version":"6.1.4","new_version":"6.1.7","repository_url":"https://github.com/unjs/defu"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"h3","old_version":"1.12.0","new_version":"1.15.11","repository_url":"https://github.com/h3js/h3"},{"name":"image-size","old_version":"1.1.1","new_version":"1.2.1","repository_url":"https://github.com/image-size/image-size"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"micromatch","old_version":"4.0.7","new_version":"4.0.8","repository_url":"https://github.com/micromatch/micromatch"},{"name":"nanoid","old_version":"3.3.7","new_version":"3.3.11","repository_url":"https://github.com/ai/nanoid"},{"name":"node-forge","old_version":"1.3.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"send","old_version":"0.18.0","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"socket.io-parser","old_version":"4.2.4","new_version":"4.2.6","repository_url":"https://github.com/socketio/socket.io"},{"name":"tiny-secp256k1","old_version":"1.1.6","new_version":"1.1.7","repository_url":"https://github.com/bitcoinjs/tiny-secp256k1"},{"name":"yaml","old_version":"2.5.0","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 28 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [mongoose](https://github.com/Automattic/mongoose) | `8.5.3` | `8.9.5` |\n| [next](https://github.com/vercel/next.js) | `14.2.5` | `16.2.4` |\n| [next-auth](https://github.com/nextauthjs/next-auth) | `4.24.7` | `4.24.12` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.25.0` | `7.29.2` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.10` | `3.0.11` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `4.0.0` | `4.0.1` |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [@stablelib/ed25519](https://github.com/StableLib/stablelib) | `1.0.3` | `removed` |\n| [bn.js](https://github.com/indutny/bn.js) | `5.2.1` | `5.2.3` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [defu](https://github.com/unjs/defu) | `6.1.4` | `6.1.7` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `4.5.6` |\n| [h3](https://github.com/h3js/h3) | `1.12.0` | `1.15.11` |\n| [image-size](https://github.com/image-size/image-size) | `1.1.1` | `1.2.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.7` | `4.0.8` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.11` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [send](https://github.com/pillarjs/send) | `0.18.0` | `0.19.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `4.2.4` | `4.2.6` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [yaml](https://github.com/eemeli/yaml) | `2.5.0` | `2.8.3` |\n\n\nUpdates `mongoose` from 8.5.3 to 8.9.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/mongoose/releases\"\u003emongoose's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e8.9.5 / 2025-01-13\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: disallow nested $where in populate match\u003c/li\u003e\n\u003cli\u003efix(schema): handle bitwise operators on Int32 \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15176\"\u003e#15176\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15170\"\u003e#15170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.4 / 2025-01-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(document): fix document not applying manual populate when using a function in schema.options.ref \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15138\"\u003e#15138\u003c/a\u003e \u003ca href=\"https://github.com/IchirokuXVI\"\u003eIchirokuXVI\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): make Model.validate() static correctly cast document arrays \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15169\"\u003e#15169\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15164\"\u003e#15164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): allow passing validateBeforeSave option to bulkSave() to skip validation \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15161\"\u003e#15161\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15156\"\u003e#15156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15142\"\u003e#15142\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15120\"\u003e#15120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: avoid BufferToBinary\u0026lt;\u0026gt; wiping lean types when passed to generic functions \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15160\"\u003e#15160\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15158\"\u003e#15158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix \u0026lt;code\u0026gt; in header ids \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15159\"\u003e#15159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix header in field-level-encryption.md \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15137\"\u003e#15137\u003c/a\u003e \u003ca href=\"https://github.com/damieng\"\u003edamieng\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.3 / 2024-12-30\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(schema): make duplicate index error a warning for now to prevent blocking upgrading \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15135\"\u003e#15135\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15112\"\u003e#15112\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15109\"\u003e#15109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): handle document array paths set to non-array values in Model.castObject() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15124\"\u003e#15124\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15075\"\u003e#15075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15131\"\u003e#15131\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15071\"\u003e#15071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): avoid throwing unnecessary error if updateOne() returns null in save() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15126\"\u003e#15126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15136\"\u003e#15136\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/10449\"\u003e#10449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: make BufferToBinary avoid Document instances \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15123\"\u003e#15123\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15122\"\u003e#15122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(model+query): avoid stripping out virtuals when calling populate with paths generic \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15132\"\u003e#15132\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15111\"\u003e#15111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(schema): add missing removeIndex \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15134\"\u003e#15134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add cleanIndexes() to IndexManager interface \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15127\"\u003e#15127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: move search endpoint to netlify \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15119\"\u003e#15119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.2 / 2024-12-19\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15112\"\u003e#15112\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15109\"\u003e#15109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(map): clean modified subpaths when overwriting values in map of subdocs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15114\"\u003e#15114\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15108\"\u003e#15108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(aggregate): pull session from transaction local storage for aggregation cursors \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15094\"\u003e#15094\u003c/a\u003e \u003ca href=\"https://github.com/IchirokuXVI\"\u003eIchirokuXVI\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: correctly handle union types in BufferToBinary and related helpers \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15103\"\u003e#15103\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15102\"\u003e#15102\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15057\"\u003e#15057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add UUID to RefType \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15115\"\u003e#15115\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15101\"\u003e#15101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: remove link to Mongoose 5.x docs from dropdown \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15116\"\u003e#15116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15113\"\u003e#15113\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15107\"\u003e#15107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.1 / 2024-12-16\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(connection): remove heartbeat check in load balanced mode \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15089\"\u003e#15089\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15042\"\u003e#15042\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/14812\"\u003e#14812\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15099\"\u003e#15099\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15088\"\u003e#15088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15092\"\u003e#15092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): handle discriminators in castObject() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15096\"\u003e#15096\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15075\"\u003e#15075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(schema): throw error if duplicate index definition using unique in schema path and subsequent .index() call \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15093\"\u003e#15093\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15056\"\u003e#15056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: mark documents that are populated using hydratedPopulatedDocs option as populated in top-level doc \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15080\"\u003e#15080\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15048\"\u003e#15048\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(document+schema): improve error message for get() on invalid path \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15098\"\u003e#15098\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15071\"\u003e#15071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: remove more callback doc references \u0026amp; some small other changes \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15095\"\u003e#15095\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.0 / 2024-12-13\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md\"\u003emongoose's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e8.9.5 / 2025-01-13\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: disallow nested $where in populate match CVE-2025-23061\u003c/li\u003e\n\u003cli\u003efix(schema): handle bitwise operators on Int32 \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15176\"\u003e#15176\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15170\"\u003e#15170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e7.8.4 / 2025-01-13\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: disallow nested $where in populate match CVE-2025-23061\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e6.13.6 / 2025-01-13\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: disallow nested $where in populate match CVE-2025-23061\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.4 / 2025-01-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(document): fix document not applying manual populate when using a function in schema.options.ref \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15138\"\u003e#15138\u003c/a\u003e \u003ca href=\"https://github.com/IchirokuXVI\"\u003eIchirokuXVI\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): make Model.validate() static correctly cast document arrays \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15169\"\u003e#15169\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15164\"\u003e#15164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): allow passing validateBeforeSave option to bulkSave() to skip validation \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15161\"\u003e#15161\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15156\"\u003e#15156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15142\"\u003e#15142\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15120\"\u003e#15120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: avoid BufferToBinary\u0026lt;\u0026gt; wiping lean types when passed to generic functions \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15160\"\u003e#15160\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15158\"\u003e#15158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix \u003ccode\u003e\u0026lt;code\u0026gt;\u003c/code\u003e in header ids \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15159\"\u003e#15159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix header in field-level-encryption.md \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15137\"\u003e#15137\u003c/a\u003e \u003ca href=\"https://github.com/damieng\"\u003edamieng\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.3 / 2024-12-30\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(schema): make duplicate index error a warning for now to prevent blocking upgrading \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15135\"\u003e#15135\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15112\"\u003e#15112\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15109\"\u003e#15109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): handle document array paths set to non-array values in Model.castObject() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15124\"\u003e#15124\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15075\"\u003e#15075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15131\"\u003e#15131\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15071\"\u003e#15071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(model): avoid throwing unnecessary error if updateOne() returns null in save() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15126\"\u003e#15126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15136\"\u003e#15136\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/10449\"\u003e#10449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: make BufferToBinary avoid Document instances \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15123\"\u003e#15123\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15122\"\u003e#15122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(model+query): avoid stripping out virtuals when calling populate with paths generic \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15132\"\u003e#15132\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15111\"\u003e#15111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(schema): add missing removeIndex \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15134\"\u003e#15134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add cleanIndexes() to IndexManager interface \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15127\"\u003e#15127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: move search endpoint to netlify \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15119\"\u003e#15119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.2 / 2024-12-19\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15112\"\u003e#15112\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15109\"\u003e#15109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(map): clean modified subpaths when overwriting values in map of subdocs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15114\"\u003e#15114\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15108\"\u003e#15108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(aggregate): pull session from transaction local storage for aggregation cursors \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15094\"\u003e#15094\u003c/a\u003e \u003ca href=\"https://github.com/IchirokuXVI\"\u003eIchirokuXVI\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: correctly handle union types in BufferToBinary and related helpers \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15103\"\u003e#15103\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15102\"\u003e#15102\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15057\"\u003e#15057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add UUID to RefType \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15115\"\u003e#15115\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15101\"\u003e#15101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: remove link to Mongoose 5.x docs from dropdown \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15116\"\u003e#15116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15113\"\u003e#15113\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15107\"\u003e#15107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.9.1 / 2024-12-16\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix(connection): remove heartbeat check in load balanced mode \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15089\"\u003e#15089\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15042\"\u003e#15042\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/14812\"\u003e#14812\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15099\"\u003e#15099\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15088\"\u003e#15088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15092\"\u003e#15092\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/5af0a109fcf206eb765c02e0fffe54a78ab95174\"\u003e\u003ccode\u003e5af0a10\u003c/code\u003e\u003c/a\u003e chore: release 8.9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/a42d8f5e3b8a6c2abd7d32c15b0cc5edac928d4e\"\u003e\u003ccode\u003ea42d8f5\u003c/code\u003e\u003c/a\u003e Merge branch '7.x'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/73e81abe3ec012f8255d3ca9978594075378faf4\"\u003e\u003ccode\u003e73e81ab\u003c/code\u003e\u003c/a\u003e chore: release 7.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/4fe9a904e3c2184ce6d01d9c3c8f3b239616f155\"\u003e\u003ccode\u003e4fe9a90\u003c/code\u003e\u003c/a\u003e Merge branch '6.x' into 7.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/e59e342e5d01bfeee31c5d5c796745315ecf0fa9\"\u003e\u003ccode\u003ee59e342\u003c/code\u003e\u003c/a\u003e chore: release 6.13.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/64a9f9706f2428c49e0cfb8e223065acc645f7bc\"\u003e\u003ccode\u003e64a9f97\u003c/code\u003e\u003c/a\u003e fix: disallow nested $where in populate match\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/fa33717db8c6ee2331c68241abff7a81b84a70fb\"\u003e\u003ccode\u003efa33717\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15176\"\u003e#15176\u003c/a\u003e from Automattic/vkarpov15/\u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15170\"\u003egh-15170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/072860237a2b8d968e06d4090a24127de8cdff24\"\u003e\u003ccode\u003e0728602\u003c/code\u003e\u003c/a\u003e test: make test cast non-boolean value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/0cad0d71a8667295c6abd4636ea7d7b5cdc164e8\"\u003e\u003ccode\u003e0cad0d7\u003c/code\u003e\u003c/a\u003e fix(schema): handle bitwise operators on Int32\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/39886fbb57aaf345d01c0294cf2c3d2781898c29\"\u003e\u003ccode\u003e39886fb\u003c/code\u003e\u003c/a\u003e docs: quick changelog formatting fix\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Automattic/mongoose/compare/8.5.3...8.9.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.5 to 16.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.4\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92713\"\u003e#92713\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: fix filesystem watcher config not applying follow_symlinks(false) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92631\"\u003e#92631\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eScope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92580\"\u003e#92580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCompiler: Support boolean and number primtives in next.config defines (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92731\"\u003e#92731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturbo-tasks: Fix recomputation loop by allowing cell cleanup on error during recomputation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92725\"\u003e#92725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: shorter error for ChunkGroupInfo::get_index_of (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92814\"\u003e#92814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: shorter error message for ModuleBatchesGraph::get_entry_index (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92828\"\u003e#92828\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdding more system info to the 'initialize project' trace (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92427\"\u003e#92427\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/Badbird5907\"\u003e\u003ccode\u003e@​Badbird5907\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukesandberg\"\u003e\u003ccode\u003e@​lukesandberg\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/andrewimm\"\u003e\u003ccode\u003e@​andrewimm\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sokra\"\u003e\u003ccode\u003e@​sokra\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/mischnic\"\u003e\u003ccode\u003e@​mischnic\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev16.2.3\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e. The release does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure app-page reports stale ISR revalidation errors via onRequestError (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92282\"\u003e#92282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91981\"\u003e#91981\u003c/a\u003e through \u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92273\"\u003e#92273\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDeduplicate output assets and detect content conflicts on emit (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92292\"\u003e#92292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix styled-jsx race condition: styles lost due to concurrent rendering (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92459\"\u003e#92459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturbo-tasks-backend: stability fixes for task cancellation and error handling (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92254\"\u003e#92254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/icyJoseph\"\u003e\u003ccode\u003e@​icyJoseph\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sokra\"\u003e\u003ccode\u003e@​sokra\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/wbinnssmith\"\u003e\u003ccode\u003e@​wbinnssmith\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev16.2.2\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport: Move expanded adapters docs to API reference (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92115\"\u003e#92115\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92129\"\u003e#92129\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: TypeScript v6 deprecations for baseUrl and moduleResolution (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92130\"\u003e#92130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[create-next-app] Skip interactive prompts when CLI flags are provided (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91840\"\u003e#91840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enext.config.js: Accept an option for serverFastRefresh (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91968\"\u003e#91968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: enable server HMR for app route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91466\"\u003e#91466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: exclude metadata routes from server HMR (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92034\"\u003e#92034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix CI for glibc linux builds\u003c/li\u003e\n\u003cli\u003eBackport: disable bmi2 in qfilter \u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92177\"\u003e#92177\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[backport] Fix CSS HMR on Safari (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92174\"\u003e#92174\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2275bd8598c88e8652d1271e74bcf972f72f4f38\"\u003e\u003ccode\u003e2275bd8\u003c/code\u003e\u003c/a\u003e v16.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e07398321a37115626b0271697e51418db109cad\"\u003e\u003ccode\u003ee073983\u003c/code\u003e\u003c/a\u003e Adding more system info to the 'initialize project' trace (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92427\"\u003e#92427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8a540b58b683bb79667d6e908d45df0e9e9c9f9c\"\u003e\u003ccode\u003e8a540b5\u003c/code\u003e\u003c/a\u003e Turbopack: shorter error message for ModuleBatchesGraph::get_entry_index (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2f5343fafb2052c59cf62018252b75da3e7d424a\"\u003e\u003ccode\u003e2f5343f\u003c/code\u003e\u003c/a\u003e Turbopack: shorter error for ChunkGroupInfo::get_index_of (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92814\"\u003e#92814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2ad9d3fb58801adb7df87873fc299a4e9a5ab199\"\u003e\u003ccode\u003e2ad9d3f\u003c/code\u003e\u003c/a\u003e turbo-tasks: Fix recomputation loop by allowing cell cleanup on error during ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/6f3808e2043d168d4fb6fa3f9184e755076a16b0\"\u003e\u003ccode\u003e6f3808e\u003c/code\u003e\u003c/a\u003e Compiler: Support boolean and number primtives in next.config defines (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92731\"\u003e#92731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fbc7684ecbd360da8af602e50780637fc79354d5\"\u003e\u003ccode\u003efbc7684\u003c/code\u003e\u003c/a\u003e Scope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92580\"\u003e#92580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/805d758d935beb0abbc70639c6af0fc9d839273b\"\u003e\u003ccode\u003e805d758\u003c/code\u003e\u003c/a\u003e Turbopack: fix filesystem watcher config not applying follow_symlinks(false) ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/1056fae3565d88719ef41f5b05447ace75e26d7e\"\u003e\u003ccode\u003e1056fae\u003c/code\u003e\u003c/a\u003e chore: Bump reqwest to 0.13.2 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92713\"\u003e#92713\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d5f649b2f4affdad1009cb178c1e3b37f4f1ad3f\"\u003e\u003ccode\u003ed5f649b\u003c/code\u003e\u003c/a\u003e v16.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.5...v16.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next-auth` from 4.24.7 to 4.24.12\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/1f48cf7cbbc43517174cb47b4eb5dd402025c8b7\"\u003e\u003ccode\u003e1f48cf7\u003c/code\u003e\u003c/a\u003e chore(release): bump version [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/4758a2f1ff185c9759df0c558b03fe931920d0a5\"\u003e\u003ccode\u003e4758a2f\u003c/code\u003e\u003c/a\u003e ci: add \u003ccode\u003eworkflow_dispatch\u003c/code\u003e for release.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/d3aecfe1f150434e1cfff21c291277137266827a\"\u003e\u003ccode\u003ed3aecfe\u003c/code\u003e\u003c/a\u003e feat: add next 16 support (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13303\"\u003e#13303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/82efcf81f218aae43683f8dd2f7c260ef69b3ece\"\u003e\u003ccode\u003e82efcf8\u003c/code\u003e\u003c/a\u003e fix: security issue from \u003ccode\u003enodemailer\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13304\"\u003e#13304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/798c3d59274cddc5ad22d4a68c211736f0deb191\"\u003e\u003ccode\u003e798c3d5\u003c/code\u003e\u003c/a\u003e docs: update banner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/02d3480f8d8405af52eaa0cdc2f8f75bb7e8b4e8\"\u003e\u003ccode\u003e02d3480\u003c/code\u003e\u003c/a\u003e chore: remove clerk ads\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/7f88fa0ba97e7aab43c931dfe674e51748723da3\"\u003e\u003ccode\u003e7f88fa0\u003c/code\u003e\u003c/a\u003e chore: remove sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/46e01af41fc028f22322f225f4f03c0dce069035\"\u003e\u003ccode\u003e46e01af\u003c/code\u003e\u003c/a\u003e chore(docs): update credentials.md app router route.js filename (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13025\"\u003e#13025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/11939f2f70495c0408d0187dbfa0741fdd5916e6\"\u003e\u003ccode\u003e11939f2\u003c/code\u003e\u003c/a\u003e feat(core): add default cache control headers for GET endpoints (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/12627\"\u003e#12627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/918a6ac37beb766402940db64584df407668bbea\"\u003e\u003ccode\u003e918a6ac\u003c/code\u003e\u003c/a\u003e docs: Update FAQ with \u003ccode\u003eallowDangerousEmailAccountLinking\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/12586\"\u003e#12586\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nextauthjs/next-auth/compare/next-auth@4.24.7...next-auth@4.24.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~himself_65\"\u003ehimself_65\u003c/a\u003e, a new releaser for next-auth since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.25.0 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/helpers\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.10 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 4.0.0 to 4.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@stablelib/ed25519`\n\nUpdates `bn.js` from 5.2.1 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2 / 2025-04-25\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6db7c3818569423b94ebcf2bdff90fcfb9c47f6d\"\u003e\u003ccode\u003e6db7c38\u003c/code\u003e\u003c/a\u003e 5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c7e1a532566c83fd0297ff7669c227b824928bf4\"\u003e\u003ccode\u003ec7e1a53\u003c/code\u003e\u003c/a\u003e Fix imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/4cc0bfa5195d54876a6b807827e582522c813019\"\u003e\u003ccode\u003e4cc0bfa\u003c/code\u003e\u003c/a\u003e docs: mention the max plain JS number argument value (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/5df40f81ea8afb835b909bb7c21e0833cdeb6a30\"\u003e\u003ccode\u003e5df40f8\u003c/code\u003e\u003c/a\u003e Document \u003ccode\u003elength\u003c/code\u003e unit in \u003ccode\u003etoBuffer(...)\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.1...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2 / 2025-04-25\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6db7c3818569423b94ebcf2bdff90fcfb9c47f6d\"\u003e\u003ccode\u003e6db7c38\u003c/code\u003e\u003c/a\u003e 5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c7e1a532566c83fd0297ff7669c227b824928bf4\"\u003e\u003ccode\u003ec7e1a53\u003c/code\u003e\u003c/a\u003e Fix imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/4cc0bfa5195d54876a6b807827e582522c813019\"\u003e\u003ccode\u003e4cc0bfa\u003c/code\u003e\u003c/a\u003e docs: mention the max plain JS number argument value (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/5df40f81ea8afb835b909bb7c21e0833cdeb6a30\"\u003e\u003ccode\u003e5df40f8\u003c/code\u003e\u003c/a\u003e Document \u003ccode\u003elength\u003c/code\u003e unit in \u003ccode\u003etoBuffer(...)\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.1...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.5.0 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.5.0...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `defu` from 6.1.4 to 6.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unjs/defu/releases\"\u003edefu's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.6...v6.1.7\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExport Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eJakub Michálek (\u003ca href=\"https://github.com/J-Michalek\"\u003e\u003ccode\u003e@​J-Michalek\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.6\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.5...v6.1.6\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mixed types (\u003ca href=\"https://github.com/unjs/defu/commit/407b516\"\u003e407b516\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.5\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.4...v6.1.5\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent prototype pollution via \u003ccode\u003e__proto__\u003c/code\u003e in defaults (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore inherited enumerable properties (\u003ca href=\"https://github.com/unjs/defu/commit/11ba022\"\u003e11ba022\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e✅ Tests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more tests for plain objects (\u003ca href=\"https://github.com/unjs/defu/commit/b65f603\"\u003eb65f603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePooya Parsa (\u003ca href=\"https://github.com/pi0\"\u003e\u003ccode\u003e@​pi0\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unjs/defu/blob/main/CHANGELOG.md\"\u003edefu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.6...v6.1.7\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edefu.d.cts:\u003c/strong\u003e Export Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eJakub Michálek (\u003ca href=\"https://github.com/J-Michalek\"\u003e\u003ccode\u003e@​J-Michalek\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.6\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.5...v6.1.6\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mixed types (\u003ca href=\"https://github.com/unjs/defu/commit/407b516\"\u003e407b516\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePooya Parsa (\u003ca href=\"https://github.com/pi0\"\u003e\u003ccode\u003e@​pi0\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.5\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.4...v6.1.5\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent prototype pollution via \u003ccode\u003e__proto__\u003c/code\u003e in defaults (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore inherited enumerable properties (\u003ca href=\"https://github.com/unjs/defu/commit/11ba022\"\u003e11ba022\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🏡 Chore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tea.yaml (\u003ca href=\"https://github.com/unjs/defu/commit/70cffe5\"\u003e70cffe5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate repo (\u003ca href=\"https://github.com/unjs/defu/commit/23cc432\"\u003e23cc432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix typecheck (\u003ca href=\"https://github.com/unjs/defu/commit/89df6bb\"\u003e89df6bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e✅ Tests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more tests for plain objects (\u003ca href=\"https://github.com/unjs/defu/commit/b65f603\"\u003eb65f603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🤖 CI\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/80c0146afb11ebd86183a579ec469f3abd976695\"\u003e\u003ccode\u003e80c0146\u003c/code\u003e\u003c/a\u003e chore(release): v6.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/40d7ef42d30db975bf80c340e7856c1ad3568321\"\u003e\u003ccode\u003e40d7ef4\u003c/code\u003e\u003c/a\u003e fix(defu.d.cts): export Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/3d3a7c89ca78f3fa43ec7194b12e44e4b0568697\"\u003e\u003ccode\u003e3d3a7c8\u003c/code\u003e\u003c/a\u003e build: correct the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/001c2906010eb65c1bb13ccd1f4abea09e10405b\"\u003e\u003ccode\u003e001c290\u003c/code\u003e\u003c/a\u003e chore(release): v6.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/407b51645c41a57da6efac5b40967f2c60ce4f12\"\u003e\u003ccode\u003e407b516\u003c/code\u003e\u003c/a\u003e build: fix mixed types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/23e59e684cb6a432aad13f308d142247e31b6315\"\u003e\u003ccode\u003e23e59e6\u003c/code\u003e\u003c/a\u003e chore(release): v6.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/11ba02213d4b1c6b02dd686041f75edc479c98e9\"\u003e\u003ccode\u003e11ba022\u003c/code\u003e\u003c/a\u003e fix: ignore inherited enumerable properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/3942bfbbcaa72084bd4284846c83bd61ed7c8b29\"\u003e\u003ccode\u003e3942bfb\u003c/code\u003e\u003c/a\u003e fix: prevent prototype pollution via \u003ccode\u003e__proto__\u003c/code\u003e in defaults (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/d3ef16dabe861713192ba8679c5db8e0ac143f9b\"\u003e\u003ccode\u003ed3ef16d\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/checkout action to v6 (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unjs/defu/commit/869a053effb7b1bf49a1635e1bb211840daa589e\"\u003e\u003ccode\u003e869a053\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/unjs/defu/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/unjs/defu/compare/v6.1.4...v6.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.4.1 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/b1b9f633ff30cb4708337355c2789f08bc0558d2\"\u003e\u003ccode\u003eb1b9f63\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/faccca126e1db96b90084ad...\n\n_Description has been truncated_","html_url":"https://github.com/LoLoSenPai/roro-website/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LoLoSenPai%2Froro-website/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"2.2.0","new_version":"2.2.1","update_type":"patch","path":null,"pr_created_at":"2026-04-15T20:29:38.000Z","version_change":"2.2.0 → 2.2.1","issue":{"uuid":"4271510003","node_id":"PR_kwDOG8TLTs7SxFuN","number":1121,"state":"closed","title":"Bump the npm group across 1 directory with 37 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-17T20:25:57.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-15T20:29:38.000Z","updated_at":"2026-04-17T20:25:59.000Z","time_to_close":172579,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm","update_count":37,"packages":[{"name":"@patternfly/react-code-editor","old_version":"6.4.0","new_version":"6.4.1","repository_url":"https://github.com/patternfly/patternfly-react"},{"name":"@patternfly/react-table","old_version":"6.4.0","new_version":"6.4.1","repository_url":"https://github.com/patternfly/patternfly-react"},{"name":"body-parser","old_version":"2.2.0","new_version":"2.2.2","repository_url":"https://github.com/expressjs/body-parser"},{"name":"cytoscape","old_version":"3.33.1","new_version":"3.33.2","repository_url":"https://github.com/cytoscape/cytoscape.js"},{"name":"express","old_version":"5.1.0","new_version":"5.2.1","repository_url":"https://github.com/expressjs/express"},{"name":"graphql","old_version":"16.11.0","new_version":"16.13.2","repository_url":"https://github.com/graphql/graphql-js"},{"name":"react","old_version":"19.2.0","new_version":"19.2.5","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.0","new_version":"19.2.5","repository_url":"https://github.com/facebook/react"},{"name":"send","old_version":"1.2.0","new_version":"1.2.1","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"2.2.0","new_version":"2.2.1","repository_url":"https://github.com/expressjs/serve-static"},{"name":"universal-cookie","old_version":"8.0.1","new_version":"8.1.0","repository_url":"https://github.com/ItsBenCodes/cookies"},{"name":"urql","old_version":"5.0.1","new_version":"5.0.2","repository_url":"https://github.com/urql-graphql/urql"},{"name":"@eslint/config-array","old_version":"0.21.1","new_version":"0.23.5","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/object-schema","old_version":"2.1.7","new_version":"3.0.5","repository_url":"https://github.com/eslint/rewrite"},{"name":"@typescript-eslint/eslint-plugin","old_version":"8.46.2","new_version":"8.58.2","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/parser","old_version":"8.46.2","new_version":"8.58.2","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"copy-webpack-plugin","old_version":"13.0.1","new_version":"14.0.0","repository_url":"https://github.com/webpack/copy-webpack-plugin"},{"name":"css-loader","old_version":"7.1.2","new_version":"7.1.4","repository_url":"https://github.com/webpack/css-loader"},{"name":"css-minimizer-webpack-plugin","old_version":"7.0.2","new_version":"8.0.0","repository_url":"https://github.com/webpack/css-minimizer-webpack-plugin"},{"name":"dotenv-webpack","old_version":"8.1.1","new_version":"9.0.0","repository_url":"https://github.com/mrsteele/dotenv-webpack"},{"name":"esbuild-loader","old_version":"4.4.0","new_version":"4.4.3","repository_url":"https://github.com/privatenumber/esbuild-loader"},{"name":"eslint","old_version":"9.38.0","new_version":"9.39.4","repository_url":"https://github.com/eslint/eslint"},{"name":"html-webpack-plugin","old_version":"5.6.4","new_version":"5.6.6","repository_url":"https://github.com/jantimon/html-webpack-plugin"},{"name":"mini-css-extract-plugin","old_version":"2.9.4","new_version":"2.10.2","repository_url":"https://github.com/webpack/mini-css-extract-plugin"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"prettier","old_version":"3.6.2","new_version":"3.8.3","repository_url":"https://github.com/prettier/prettier"},{"name":"react-router-dom","old_version":"7.9.5","new_version":"7.14.1","repository_url":"https://github.com/remix-run/react-router"},{"name":"rimraf","old_version":"6.0.1","new_version":"6.1.3","repository_url":"https://github.com/isaacs/rimraf"},{"name":"terser-webpack-plugin","old_version":"5.3.14","new_version":"5.4.0","repository_url":"https://github.com/webpack/terser-webpack-plugin"},{"name":"ts-loader","old_version":"9.5.4","new_version":"9.5.7","repository_url":"https://github.com/TypeStrong/ts-loader"},{"name":"typescript","old_version":"5.9.3","new_version":"6.0.2","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"typescript-eslint","old_version":"8.46.2","new_version":"8.58.2","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"webpack","old_version":"5.102.1","new_version":"5.106.2","repository_url":"https://github.com/webpack/webpack"},{"name":"webpack-cli","old_version":"6.0.1","new_version":"7.0.2","repository_url":"https://github.com/webpack/webpack-cli"},{"name":"webpack-dev-server","old_version":"5.2.2","new_version":"5.2.3","repository_url":"https://github.com/webpack/webpack-dev-server"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm group with 36 updates in the /ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@patternfly/react-code-editor](https://github.com/patternfly/patternfly-react) | `6.4.0` | `6.4.1` |\n| [@patternfly/react-table](https://github.com/patternfly/patternfly-react) | `6.4.0` | `6.4.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `2.2.0` | `2.2.2` |\n| [cytoscape](https://github.com/cytoscape/cytoscape.js) | `3.33.1` | `3.33.2` |\n| [express](https://github.com/expressjs/express) | `5.1.0` | `5.2.1` |\n| [graphql](https://github.com/graphql/graphql-js) | `16.11.0` | `16.13.2` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.0` | `19.2.5` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.0` | `19.2.5` |\n| [send](https://github.com/pillarjs/send) | `1.2.0` | `1.2.1` |\n| [serve-static](https://github.com/expressjs/serve-static) | `2.2.0` | `2.2.1` |\n| [universal-cookie](https://github.com/ItsBenCodes/cookies) | `8.0.1` | `8.1.0` |\n| [urql](https://github.com/urql-graphql/urql/tree/HEAD/packages/react-urql) | `5.0.1` | `5.0.2` |\n| [@eslint/config-array](https://github.com/eslint/rewrite/tree/HEAD/packages/config-array) | `0.21.1` | `0.23.5` |\n| [@eslint/object-schema](https://github.com/eslint/rewrite/tree/HEAD/packages/object-schema) | `2.1.7` | `3.0.5` |\n| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.46.2` | `8.58.2` |\n| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.46.2` | `8.58.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [copy-webpack-plugin](https://github.com/webpack/copy-webpack-plugin) | `13.0.1` | `14.0.0` |\n| [css-loader](https://github.com/webpack/css-loader) | `7.1.2` | `7.1.4` |\n| [css-minimizer-webpack-plugin](https://github.com/webpack/css-minimizer-webpack-plugin) | `7.0.2` | `8.0.0` |\n| [dotenv-webpack](https://github.com/mrsteele/dotenv-webpack) | `8.1.1` | `9.0.0` |\n| [esbuild-loader](https://github.com/privatenumber/esbuild-loader) | `4.4.0` | `4.4.3` |\n| [eslint](https://github.com/eslint/eslint) | `9.38.0` | `9.39.4` |\n| [html-webpack-plugin](https://github.com/jantimon/html-webpack-plugin) | `5.6.4` | `5.6.6` |\n| [mini-css-extract-plugin](https://github.com/webpack/mini-css-extract-plugin) | `2.9.4` | `2.10.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.10` |\n| [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.8.3` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.9.5` | `7.14.1` |\n| [rimraf](https://github.com/isaacs/rimraf) | `6.0.1` | `6.1.3` |\n| [terser-webpack-plugin](https://github.com/webpack/terser-webpack-plugin) | `5.3.14` | `5.4.0` |\n| [ts-loader](https://github.com/TypeStrong/ts-loader) | `9.5.4` | `9.5.7` |\n| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.2` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.46.2` | `8.58.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.102.1` | `5.106.2` |\n| [webpack-cli](https://github.com/webpack/webpack-cli) | `6.0.1` | `7.0.2` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `5.2.2` | `5.2.3` |\n\n\nUpdates `@patternfly/react-code-editor` from 6.4.0 to 6.4.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/476782a298df81cb78de7f3cd804f3ff8f33993c\"\u003e\u003ccode\u003e476782a\u003c/code\u003e\u003c/a\u003e chore(release): releasing packages [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/008ef37edcaa6d92ead6ff160998a4447716e464\"\u003e\u003ccode\u003e008ef37\u003c/code\u003e\u003c/a\u003e publish patch release 6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3588999bebdf046abd8f8082581fd900d03115e0\"\u003e\u003ccode\u003e3588999\u003c/code\u003e\u003c/a\u003e fixed block branch for 6.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/667675855ef088deab2192a0a6f54a33f19231dc\"\u003e\u003ccode\u003e6676758\u003c/code\u003e\u003c/a\u003e fixed invalid yaml file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/79ea3078afc6db796533e0c576bc164aca765aaf\"\u003e\u003ccode\u003e79ea307\u003c/code\u003e\u003c/a\u003e chore: update to release build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/2f93022baa769bcfc92a09f1bf9470e50dc64f2e\"\u003e\u003ccode\u003e2f93022\u003c/code\u003e\u003c/a\u003e chore: cherry picked security updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/4287fec474bfa2dcb898aa21f1aa005966cfe094\"\u003e\u003ccode\u003e4287fec\u003c/code\u003e\u003c/a\u003e fix(CodeEditor): prevent focus loss (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12211\"\u003e#12211\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12212\"\u003e#12212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3945ce7b6b3dc1ba68fab9f5df92251101111d4e\"\u003e\u003ccode\u003e3945ce7\u003c/code\u003e\u003c/a\u003e chore: updated to patch release dry run in release.sh\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/900686dbfda5ab47731e64e3be1fcd2eeedee358\"\u003e\u003ccode\u003e900686d\u003c/code\u003e\u003c/a\u003e fix(Wizard): Fix crash in nav when first sub-step is hidden (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12166\"\u003e#12166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patternfly/patternfly-react/compare/@patternfly/react-code-editor@6.4.0...@patternfly/react-code-editor@6.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ausuliv\"\u003eausuliv\u003c/a\u003e, a new releaser for \u003ccode\u003e@​patternfly/react-code-editor\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@patternfly/react-core` from 6.4.0 to 6.4.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/476782a298df81cb78de7f3cd804f3ff8f33993c\"\u003e\u003ccode\u003e476782a\u003c/code\u003e\u003c/a\u003e chore(release): releasing packages [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/008ef37edcaa6d92ead6ff160998a4447716e464\"\u003e\u003ccode\u003e008ef37\u003c/code\u003e\u003c/a\u003e publish patch release 6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3588999bebdf046abd8f8082581fd900d03115e0\"\u003e\u003ccode\u003e3588999\u003c/code\u003e\u003c/a\u003e fixed block branch for 6.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/667675855ef088deab2192a0a6f54a33f19231dc\"\u003e\u003ccode\u003e6676758\u003c/code\u003e\u003c/a\u003e fixed invalid yaml file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/79ea3078afc6db796533e0c576bc164aca765aaf\"\u003e\u003ccode\u003e79ea307\u003c/code\u003e\u003c/a\u003e chore: update to release build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/2f93022baa769bcfc92a09f1bf9470e50dc64f2e\"\u003e\u003ccode\u003e2f93022\u003c/code\u003e\u003c/a\u003e chore: cherry picked security updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/4287fec474bfa2dcb898aa21f1aa005966cfe094\"\u003e\u003ccode\u003e4287fec\u003c/code\u003e\u003c/a\u003e fix(CodeEditor): prevent focus loss (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12211\"\u003e#12211\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12212\"\u003e#12212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3945ce7b6b3dc1ba68fab9f5df92251101111d4e\"\u003e\u003ccode\u003e3945ce7\u003c/code\u003e\u003c/a\u003e chore: updated to patch release dry run in release.sh\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/900686dbfda5ab47731e64e3be1fcd2eeedee358\"\u003e\u003ccode\u003e900686d\u003c/code\u003e\u003c/a\u003e fix(Wizard): Fix crash in nav when first sub-step is hidden (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12166\"\u003e#12166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patternfly/patternfly-react/compare/@patternfly/react-core@6.4.0...@patternfly/react-core@6.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ausuliv\"\u003eausuliv\u003c/a\u003e, a new releaser for \u003ccode\u003e@​patternfly/react-core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@patternfly/react-table` from 6.4.0 to 6.4.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/476782a298df81cb78de7f3cd804f3ff8f33993c\"\u003e\u003ccode\u003e476782a\u003c/code\u003e\u003c/a\u003e chore(release): releasing packages [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/008ef37edcaa6d92ead6ff160998a4447716e464\"\u003e\u003ccode\u003e008ef37\u003c/code\u003e\u003c/a\u003e publish patch release 6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3588999bebdf046abd8f8082581fd900d03115e0\"\u003e\u003ccode\u003e3588999\u003c/code\u003e\u003c/a\u003e fixed block branch for 6.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/667675855ef088deab2192a0a6f54a33f19231dc\"\u003e\u003ccode\u003e6676758\u003c/code\u003e\u003c/a\u003e fixed invalid yaml file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/79ea3078afc6db796533e0c576bc164aca765aaf\"\u003e\u003ccode\u003e79ea307\u003c/code\u003e\u003c/a\u003e chore: update to release build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/2f93022baa769bcfc92a09f1bf9470e50dc64f2e\"\u003e\u003ccode\u003e2f93022\u003c/code\u003e\u003c/a\u003e chore: cherry picked security updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/4287fec474bfa2dcb898aa21f1aa005966cfe094\"\u003e\u003ccode\u003e4287fec\u003c/code\u003e\u003c/a\u003e fix(CodeEditor): prevent focus loss (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12211\"\u003e#12211\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12212\"\u003e#12212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/3945ce7b6b3dc1ba68fab9f5df92251101111d4e\"\u003e\u003ccode\u003e3945ce7\u003c/code\u003e\u003c/a\u003e chore: updated to patch release dry run in release.sh\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patternfly/patternfly-react/commit/900686dbfda5ab47731e64e3be1fcd2eeedee358\"\u003e\u003ccode\u003e900686d\u003c/code\u003e\u003c/a\u003e fix(Wizard): Fix crash in nav when first sub-step is hidden (\u003ca href=\"https://redirect.github.com/patternfly/patternfly-react/issues/12166\"\u003e#12166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patternfly/patternfly-react/compare/@patternfly/react-table@6.4.0...@patternfly/react-table@6.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cytoscape` from 3.33.1 to 3.33.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cytoscape/cytoscape.js/releases\"\u003ecytoscape's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.33.2\u003c/h2\u003e\n\u003cp\u003eRelease version v3.33.2\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/5e4655726466721a344413665b7be4f133fe3aa4\"\u003e\u003ccode\u003e5e46557\u003c/code\u003e\u003c/a\u003e 3.33.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/d790c9eb6407bac9ed187f7633280af9e0b5db79\"\u003e\u003ccode\u003ed790c9e\u003c/code\u003e\u003c/a\u003e Build 3.33.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/2e50aca0baa6841a61741e60318612d452aea2df\"\u003e\u003ccode\u003e2e50aca\u003c/code\u003e\u003c/a\u003e Docs: Add 3.33.2 to versions.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/9e7841e398f001ab4e13083b4b14b35c0e46fccd\"\u003e\u003ccode\u003e9e7841e\u003c/code\u003e\u003c/a\u003e Merge branch 'unstable' into 'master'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/31e2cfdd66bbdcae164cac7b2c6e81fa8e0f6336\"\u003e\u003ccode\u003e31e2cfd\u003c/code\u003e\u003c/a\u003e Merge branch 'fix/polygon-miter-bounds' into unstable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/34ecc6381391369103656ffa057538b7c50c23bb\"\u003e\u003ccode\u003e34ecc63\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cytoscape/cytoscape.js/issues/3432\"\u003e#3432\u003c/a\u003e from LeeBhin/fix/polygon-miter-bounds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/816e98077a6447f491efec81b22cab19e5a56f25\"\u003e\u003ccode\u003e816e980\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cytoscape/cytoscape.js/issues/3433\"\u003e#3433\u003c/a\u003e from jmg421/docs/fix-es5-esm-description\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/37bf20a773d10ce7bc8d13ed75f017ecc9cb5bcd\"\u003e\u003ccode\u003e37bf20a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cytoscape/cytoscape.js/issues/3435\"\u003e#3435\u003c/a\u003e from jmg421/docs/fix-readme-build-targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/a3bd0ff01382fe1ac2ede7b283030f522dd2a45f\"\u003e\u003ccode\u003ea3bd0ff\u003c/code\u003e\u003c/a\u003e Move polygon bounds tests from Mocha to Playwright suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cytoscape/cytoscape.js/commit/9a33f6a26eaac41f4b1489efe7723ac13d0aaae9\"\u003e\u003ccode\u003e9a33f6a\u003c/code\u003e\u003c/a\u003e docs: fix build target list in README (umd listed twice, missing cjs)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cytoscape/cytoscape.js/compare/v3.33.1...v3.33.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mikekucera\"\u003emikekucera\u003c/a\u003e, a new releaser for cytoscape since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 5.1.0 to 5.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 5.2.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6933\"\u003eexpressjs/express#6933\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v5.2.0...v5.2.1\"\u003ehttps://github.com/expressjs/express/compare/v5.2.0...v5.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6429\"\u003eexpressjs/express#6429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor: simplify \u003ccode\u003eacceptsLanguages\u003c/code\u003e implementation using spread operator by \u003ca href=\"https://github.com/Ayoub-Mabrouk\"\u003e\u003ccode\u003e@​Ayoub-Mabrouk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6137\"\u003eexpressjs/express#6137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eincreased code coverage of utils.js file by \u003ca href=\"https://github.com/ashish3011\"\u003e\u003ccode\u003e@​ashish3011\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6386\"\u003eexpressjs/express#6386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove duplicate word by \u003ca href=\"https://github.com/dufucun\"\u003e\u003ccode\u003e@​dufucun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6456\"\u003eexpressjs/express#6456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6498\"\u003eexpressjs/express#6498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6497\"\u003eexpressjs/express#6497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6496\"\u003eexpressjs/express#6496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6504\"\u003eexpressjs/express#6504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update codeql config by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6488\"\u003eexpressjs/express#6488\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6512\"\u003eexpressjs/express#6512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typos in test by \u003ca href=\"https://github.com/noritaka1166\"\u003e\u003ccode\u003e@​noritaka1166\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6535\"\u003eexpressjs/express#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: disable credential persistence for checkout actions by \u003ca href=\"https://github.com/mertssmnoglu\"\u003e\u003ccode\u003e@​mertssmnoglu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6522\"\u003eexpressjs/express#6522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: allow manual triggering of workflow by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6515\"\u003eexpressjs/express#6515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: add coverage for app.listen() variants by \u003ca href=\"https://github.com/kgarg1\"\u003e\u003ccode\u003e@​kgarg1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6476\"\u003eexpressjs/express#6476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: move documentation and charters to the discussions and .github … by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6427\"\u003eexpressjs/express#6427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6549\"\u003eexpressjs/express#6549\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6548\"\u003eexpressjs/express#6548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: enforce explicit \u003ccode\u003eBuffer\u003c/code\u003e import and add lint rule by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6525\"\u003eexpressjs/express#6525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: use node protocol for querystring by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6520\"\u003eexpressjs/express#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typo by \u003ca href=\"https://github.com/mountdisk\"\u003e\u003ccode\u003e@​mountdisk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6609\"\u003eexpressjs/express#6609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6618\"\u003eexpressjs/express#6618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd deprecation warnings for redirect arguments undefined by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6405\"\u003eexpressjs/express#6405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: run CI when the markdown changes by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6632\"\u003eexpressjs/express#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: fix CONTRIBUTING link by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6653\"\u003eexpressjs/express#6653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: update contributing guidelines and code of conduct links by \u003ca href=\"https://github.com/ShubhamOulkar\"\u003e\u003ccode\u003e@​ShubhamOulkar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6601\"\u003eexpressjs/express#6601\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump morgan from 1.10.0 to 1.10.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6679\"\u003eexpressjs/express#6679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump cookie-session from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6678\"\u003eexpressjs/express#6678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elint: add --fix flag to automatic fix linting issue by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6644\"\u003eexpressjs/express#6644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: ignore yarn.lock file and update example by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6588\"\u003eexpressjs/express#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elib: use req.socket over deprecated req.connection by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6705\"\u003eexpressjs/express#6705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: update express app example by \u003ca href=\"https://github.com/shivarm\"\u003e\u003ccode\u003e@​shivarm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6718\"\u003eexpressjs/express#6718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6675\"\u003eexpressjs/express#6675\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove history.md from being packaged on publish by \u003ca href=\"https://github.com/sheplu\"\u003e\u003ccode\u003e@​sheplu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6780\"\u003eexpressjs/express#6780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/master/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.2.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e5.2.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: \u003ccode\u003ebody-parser@^2.2.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eA deprecation warning was added when using \u003ccode\u003eres.redirect\u003c/code\u003e with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dbac741a49a5a64336b70c06e85c2e2706e36336\"\u003e\u003ccode\u003edbac741\u003c/code\u003e\u003c/a\u003e 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/697547cde621d8b0a47b4fff6e98b29337f8c980\"\u003e\u003ccode\u003e697547c\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/4007ad103ba29f6426b2ec9eccfb1ceb792682a8\"\u003e\u003ccode\u003e4007ad1\u003c/code\u003e\u003c/a\u003e Release: 5.2.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6920\"\u003e#6920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/2f64f68c37c64ae333e41ff38032d21860f22255\"\u003e\u003ccode\u003e2f64f68\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/ed0ba3f1dc905d6b62eabf23bd383abcae4901ba\"\u003e\u003ccode\u003eed0ba3f\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6928\"\u003e#6928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8eace4603cb2547608578a4fbb259dc984216f71\"\u003e\u003ccode\u003e8eace46\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.31.2 to 4.31.6 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6929\"\u003e#6929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/30bae810279b2ea162bed5b14ce6c35a110a87f5\"\u003e\u003ccode\u003e30bae81\u003c/code\u003e\u003c/a\u003e build(deps): bump coverallsapp/github-action from 2.3.6 to 2.3.7 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6930\"\u003e#6930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/758d4355d45322b4c8cd347ebcefbf3b154c7e7f\"\u003e\u003ccode\u003e758d435\u003c/code\u003e\u003c/a\u003e deps: body-parser@^2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6922\"\u003e#6922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/77bcd5274a87047e5b3fe2f17f6c342db3909c53\"\u003e\u003ccode\u003e77bcd52\u003c/code\u003e\u003c/a\u003e docs: update emeritus triagers (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6890\"\u003e#6890\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f33caf1f89a028f0ea98ff5a156a68e65a2eabdd\"\u003e\u003ccode\u003ef33caf1\u003c/code\u003e\u003c/a\u003e Nominate to \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e for triage team (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6888\"\u003e#6888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/v5.1.0...v5.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `graphql` from 16.11.0 to 16.13.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/graphql/graphql-js/releases\"\u003egraphql's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.13.2 (2026-03-24)\u003c/h2\u003e\n\u003ch4\u003eDocs 📝\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4611\"\u003e#4611\u003c/a\u003e add dev mode docs (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003ePolish 💅\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4631\"\u003e#4631\u003c/a\u003e Use \u003ccode\u003eObject.create(null)\u003c/code\u003e over \u003ccode\u003e{}\u003c/code\u003e to avoid prototype issues - v16 (\u003ca href=\"https://github.com/benjie\"\u003e\u003ccode\u003e@​benjie\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eInternal 🏠\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4626\"\u003e#4626\u003c/a\u003e backport: internal: streamline release process (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4615\"\u003e#4615\u003c/a\u003e) (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBenjie(\u003ca href=\"https://github.com/benjie\"\u003e\u003ccode\u003e@​benjie\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYaacov Rydzinski (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.13.1 (2026-03-04)\u003c/h2\u003e\n\u003cp\u003eFirst 16.x.x release with trusted publishing and provenance, see: \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003ehttps://docs.npmjs.com/trusted-publishers\u003c/a\u003e for additional information.\u003c/p\u003e\n\u003ch4\u003eDocs 📝\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4433\"\u003e#4433\u003c/a\u003e docs: move migrate from express graphql guide to graphqlJS docs (\u003ca href=\"https://github.com/sarahxsanders\"\u003e\u003ccode\u003e@​sarahxsanders\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eInternal 🏠\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4608\"\u003e#4608\u003c/a\u003e internal: backport new release flow from 17.x.x (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4610\"\u003e#4610\u003c/a\u003e internal: pin node version for release action (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSarah Sanders(\u003ca href=\"https://github.com/sarahxsanders\"\u003e\u003ccode\u003e@​sarahxsanders\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYaacov Rydzinski (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e16.13.0\u003c/h2\u003e\n\u003ch2\u003ev16.13.0 (2026-02-24)\u003c/h2\u003e\n\u003ch4\u003eNew Feature 🚀\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4458\"\u003e#4458\u003c/a\u003e Sibling errors should not be added after propagation (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eBug Fix 🐞\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4336\"\u003e#4336\u003c/a\u003e add deprecated note to assertValidExecutionArguments (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4517\"\u003e#4517\u003c/a\u003e fix(validation): incorrect validation errors when variable descriptions are used (\u003ca href=\"https://github.com/phryneas\"\u003e\u003ccode\u003e@​phryneas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eInternal 🏠\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4506\"\u003e#4506\u003c/a\u003e Version packages (\u003ca href=\"https://github.com/JoviDeCroock\"\u003e\u003ccode\u003e@​JoviDeCroock\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4514\"\u003e#4514\u003c/a\u003e chore: always ignore scripts (\u003ca href=\"https://github.com/benjie\"\u003e\u003ccode\u003e@​benjie\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/graphql/graphql-js/pull/4524\"\u003e#4524\u003c/a\u003e update contributing (\u003ca href=\"https://github.com/yaacovCR\"\u003e\u003ccode\u003e@​yaacovCR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/123e958de1362eef098c30e917b51981c484729e\"\u003e\u003ccode\u003e123e958\u003c/code\u003e\u003c/a\u003e chore(release): v16.13.2 (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4632\"\u003e#4632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/13f130d229311cfaf3accff12d3b7134e8d43a8c\"\u003e\u003ccode\u003e13f130d\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eObject.create(null)\u003c/code\u003e over \u003ccode\u003e{}\u003c/code\u003e to avoid prototype issues - v16 (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4631\"\u003e#4631\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/6ca59e128fe6cf26f1335fbd81d2f4a30bf9fce1\"\u003e\u003ccode\u003e6ca59e1\u003c/code\u003e\u003c/a\u003e backport: internal: streamline release process (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4615\"\u003e#4615\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4626\"\u003e#4626\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/df8c53f5157b9d8312160b1d5baf1f7029213097\"\u003e\u003ccode\u003edf8c53f\u003c/code\u003e\u003c/a\u003e docs: dev mode for v17 (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4611\"\u003e#4611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/3b5c3f949ba1f3709f260984becd266b0c6fb4e8\"\u003e\u003ccode\u003e3b5c3f9\u003c/code\u003e\u003c/a\u003e internal: pin node version for release action (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4610\"\u003e#4610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/6dee4356c78458003cee3a851242ec99e4e1627b\"\u003e\u003ccode\u003e6dee435\u003c/code\u003e\u003c/a\u003e chore(release): v16.13.1 (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4609\"\u003e#4609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/c2ad5c6494a5e2d8b6a73c49bf13306d7f5c9533\"\u003e\u003ccode\u003ec2ad5c6\u003c/code\u003e\u003c/a\u003e internal: backport new release flow from 17.x.x (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4608\"\u003e#4608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/adff4e66ed048cdac4eb96b8750ab6d5a2763cfe\"\u003e\u003ccode\u003eadff4e6\u003c/code\u003e\u003c/a\u003e docs: move migrate from express graphql guide to graphqlJS docs (\u003ca href=\"https://redirect.github.com/graphql/graphql-js/issues/4433\"\u003e#4433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/7569989a8850c00a4e90ffdb56f1c6094cdcd795\"\u003e\u003ccode\u003e7569989\u003c/code\u003e\u003c/a\u003e 16.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql/graphql-js/commit/49450d85c3dfb1301faac61da08830896929d5fd\"\u003e\u003ccode\u003e49450d8\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;deprecate (internal) buildResolveInfo in favor of (internal) ResolveI...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/graphql/graphql-js/compare/v16.11.0...v16.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for graphql since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.0 to 19.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.5 (April 8th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more cycle protections (\u003ca href=\"https://redirect.github.com/facebook/react/pull/36236\"\u003e#36236\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.4 (January 26th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more DoS mitigations to Server Actions, and harden Server Components (\u003ca href=\"https://redirect.github.com/facebook/react/pull/35632\"\u003e#35632\u003c/a\u003e by \u003ca href=\"https://github.com/gnoff\"\u003e\u003ccode\u003e@​gnoff\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lubieowoce\"\u003e\u003ccode\u003e@​lubieowoce\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.3 (December 11th, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd extra loop protection to React Server Functions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35351\"\u003e#35351\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.2 (December 11th, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove \u003ccode\u003ereact-server-dom-webpack/*.unbundled\u003c/code\u003e to private \u003ccode\u003ereact-server-dom-unbundled\u003c/code\u003e (\u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35290\"\u003efacebook/react#35290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch Promise cycles and toString on Server Functions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35289\"\u003e#35289\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/facebook/react/pull/35345\"\u003e#35345\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.1 (December 3rd, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBring React Server Component fixes to Server Actions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35277\"\u003e#35277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/blob/main/CHANGELOG.md\"\u003ereact's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.1 (Dec 3, 2025)\u003c/h2\u003e\n\u003ch3\u003eReact Server Components\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBring React Server Component fixes to Server Actions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35277\"\u003e#35277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea\"\u003e\u003ccode\u003e23f4f9f\u003c/code\u003e\u003c/a\u003e 19.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/90ab3f89f4824ac763b6f877c6f711200d1338d2\"\u003e\u003ccode\u003e90ab3f8\u003c/code\u003e\u003c/a\u003e Version 19.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/612e371fb215498edde4c853bd1e0c8e9203808f\"\u003e\u003ccode\u003e612e371\u003c/code\u003e\u003c/a\u003e Version 19.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/b910fc15e38d4fa80003819ddb7a928a3c3dca5d\"\u003e\u003ccode\u003eb910fc1\u003c/code\u003e\u003c/a\u003e Version 19.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/053df4e8561ef4caecef31c330f4178ac25e255b\"\u003e\u003ccode\u003e053df4e\u003c/code\u003e\u003c/a\u003e Version 19.2.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.5/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-dom` from 19.2.0 to 19.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.5 (April 8th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more cycle protections (\u003ca href=\"https://redirect.github.com/facebook/react/pull/36236\"\u003e#36236\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.4 (January 26th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more DoS mitigations to Server Actions, and harden Server Components (\u003ca href=\"https://redirect.github.com/facebook/react/pull/35632\"\u003e#35632\u003c/a\u003e by \u003ca href=\"https://github.com/gnoff\"\u003e\u003ccode\u003e@​gnoff\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lubieowoce\"\u003e\u003ccode\u003e@​lubieowoce\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.3 (December 11th, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd extra loop protection to React Server Functions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35351\"\u003e#35351\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.2 (December 11th, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove \u003ccode\u003ereact-server-dom-webpack/*.unbundled\u003c/code\u003e to private \u003ccode\u003ereact-server-dom-unbundled\u003c/code\u003e (\u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35290\"\u003efacebook/react#35290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch Promise cycles and toString on Server Functions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35289\"\u003e#35289\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/facebook/react/pull/35345\"\u003e#35345\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.1 (December 3rd, 2025)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBring React Server Component fixes to Server Actions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35277\"\u003e#35277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/blob/main/CHANGELOG.md\"\u003ereact-dom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.1 (Dec 3, 2025)\u003c/h2\u003e\n\u003ch3\u003eReact Server Components\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBring React Server Component fixes to Server Actions (\u003ca href=\"https://github.com/sebmarkbage\"\u003e\u003ccode\u003e@​sebmarkbage\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/facebook/react/pull/35277\"\u003e#35277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea\"\u003e\u003ccode\u003e23f4f9f\u003c/code\u003e\u003c/a\u003e 19.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/90ab3f89f4824ac763b6f877c6f711200d1338d2\"\u003e\u003ccode\u003e90ab3f8\u003c/code\u003e\u003c/a\u003e Version 19.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/612e371fb215498edde4c853bd1e0c8e9203808f\"\u003e\u003ccode\u003e612e371\u003c/code\u003e\u003c/a\u003e Version 19.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/b910fc15e38d4fa80003819ddb7a928a3c3dca5d\"\u003e\u003ccode\u003eb910fc1\u003c/code\u003e\u003c/a\u003e Version 19.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/053df4e8561ef4caecef31c330f4178ac25e255b\"\u003e\u003ccode\u003e053df4e\u003c/code\u003e\u003c/a\u003e Version 19.2.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.5/packages/react-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 1.2.0 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add CodeQl (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/250\"\u003epillarjs/send#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/255\"\u003epillarjs/send#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[StepSecurity] Apply security best practices by \u003ca href=\"https://github.com/step-security-bot\"\u003e\u003ccode\u003e@​step-security-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/256\"\u003epillarjs/send#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/265\"\u003epillarjs/send#265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 2.23.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/266\"\u003epillarjs/send#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/257\"\u003epillarjs/send#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/269\"\u003epillarjs/send#269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.29.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/268\"\u003epillarjs/send#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/267\"\u003epillarjs/send#267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.11 to 4.31.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/278\"\u003epillarjs/send#278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/277\"\u003epillarjs/send#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/276\"\u003epillarjs/send#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/275\"\u003epillarjs/send#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/272\"\u003epillarjs/send#272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/262\"\u003epillarjs/send#262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump supertest from 6.2.2 to 6.3.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/260\"\u003epillarjs/send#260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/283\"\u003epillarjs/send#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.31.2 to 4.31.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/282\"\u003epillarjs/send#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove HISTORY.md from tarball by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/285\"\u003epillarjs/send#285\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add Node.js 25 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/284\"\u003epillarjs/send#284\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependency ranges to latest versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/286\"\u003epillarjs/send#286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.2.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/281\"\u003epillarjs/send#281\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security-bot\"\u003e\u003ccode\u003e@​step-security-bot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/256\"\u003epillarjs/send#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/266\"\u003epillarjs/send#266\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/1.2.0...1.2.1\"\u003ehttps://github.com/pillarjs/send/compare/1.2.0...1.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.2.1 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMinor changes (package metadata)\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edebug@^4.4.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ehttp-errors@^2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003emime-types@^3.0.2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatuses@^2.0.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/096a6148bea0b82ca974fe0016e6eac280869249\"\u003e\u003ccode\u003e096a614\u003c/code\u003e\u003c/a\u003e 1.2.1 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/861e3c609c52669c79ef7e5e268cc3d6a51f6912\"\u003e\u003ccode\u003e861e3c6\u003c/code\u003e\u003c/a\u003e chore: update depenency ranges to latest versions (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/a40fcd4aef752bc0540234e36d5f3e6a1e384852\"\u003e\u003ccode\u003ea40fcd4\u003c/code\u003e\u003c/a\u003e ci: add Node.js 25 to test matrix (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/7740dde70eb61547c87089b53619089a5c911502\"\u003e\u003ccode\u003e7740dde\u003c/code\u003e\u003c/a\u003e chore: remove HISTORY.md from tarball (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/285\"\u003e#285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f532f4115fc6c92ade88c5abe83297d64a39e515\"\u003e\u003ccode\u003ef532f41\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.31.2 to 4.31.5 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/f9b651ff01c8761b7ec0ddefcc92baa19789c7eb\"\u003e\u003ccode\u003ef9b651f\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/db2558b7bd3fe7f183e54e50bc753a725822755a\"\u003e\u003ccode\u003edb2558b\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump supertest from 6.2.2 to 6.3.4 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/136fcf6465495db3e8b55d9463721e12613333af\"\u003e\u003ccode\u003e136fcf6\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/262\"\u003e#262\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/fac9c3f6af95e55d93966a334c2565f434fff6a7\"\u003e\u003ccode\u003efac9c3f\u003c/code\u003e\u003c/a\u003e build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/cd0c2535f31100a4224c82deb32e93e3b07b0ac1\"\u003e\u003ccode\u003ecd0c253\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/setup-node from 4 to 6 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/send/compare/1.2.0...1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 2.2.0 to 2.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/202\"\u003eexpressjs/serve-static#202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/201\"\u003eexpressjs/serve-static#201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/204\"\u003eexpressjs/serve-static#204\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/205\"\u003eexpressjs/serve-static#205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/209\"\u003eexpressjs/serve-static#209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/210\"\u003eexpressjs/serve-static#210\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/211\"\u003eexpressjs/serve-static#211\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/212\"\u003eexpressjs/serve-static#212\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/213\"\u003eexpressjs/serve-static#213\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/216\"\u003eexpressjs/serve-static#216\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/226\"\u003eexpressjs/serve-static#226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/225\"\u003eexpressjs/serve-static#225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 4.31.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/224\"\u003eexpressjs/serve-static#224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/serve-st...\n\n_Description has been truncated_","html_url":"https://github.com/ghjm/connectopus/pull/1121","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ghjm%2Fconnectopus/issues/1121","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1121/packages"}},{"old_version":"1.14.1","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-04-13T15:16:17.000Z","version_change":"1.14.1 → 1.16.3","issue":{"uuid":"4255971068","node_id":"PR_kwDOFz4CM87SBlMt","number":40,"state":"closed","title":"build(deps): bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-16T00:26:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-13T15:16:17.000Z","updated_at":"2026-04-16T00:26:57.000Z","time_to_close":205838,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.14.1","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.17.1","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.1...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sctlcd/angular-first-app_tell-me-a-joke/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sctlcd/angular-first-app_tell-me-a-joke/pull/40","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sctlcd%2Fangular-first-app_tell-me-a-joke/issues/40","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/40/packages"}},{"old_version":"1.15.0","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-04-10T09:55:24.000Z","version_change":"1.15.0 → 1.16.3","issue":{"uuid":"4238280797","node_id":"PR_kwDOIYOfHc7RaHEc","number":1,"state":"closed","title":"Bump the npm_and_yarn group across 5 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-11T00:56:20.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-10T09:55:24.000Z","updated_at":"2026-04-11T00:56:22.000Z","time_to_close":54056,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"dompurify","old_version":"2.3.6","new_version":"removed","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"prismjs","old_version":"1.28.0","new_version":"1.30.0","repository_url":"https://github.com/PrismJS/prism"},{"name":"send","old_version":"0.18.0","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"ws","old_version":"7.5.7","new_version":"7.5.10","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /libraries/site-analytics directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /libraries/manifest-validation directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 8 updates in the /docs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `2.3.6` | `removed` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [prismjs](https://github.com/PrismJS/prism) | `1.28.0` | `1.30.0` |\n| [send](https://github.com/pillarjs/send) | `0.18.0` | `0.19.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |\n| [ws](https://github.com/websockets/ws) | `7.5.7` | `7.5.10` |\n\nBumps the npm_and_yarn group with 13 updates in the /components/pwa-update directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [ws](https://github.com/websockets/ws) | `7.5.7` | `7.5.10` |\n| [socket.io](https://github.com/socketio/socket.io) | `4.5.2` | `4.8.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.70.2` | `2.80.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.17.9` | `7.29.0` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.2` | `3.3.5` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.4.1` | `3.4.4` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.0` | `1.20.4` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.11` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [ip](https://github.com/indutny/node-ip) | `1.1.5` | `removed` |\n| [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n\nBumps the npm_and_yarn group with 13 updates in the /components/pwa-install directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [ws](https://github.com/websockets/ws) | `7.5.8` | `7.5.10` |\n| [socket.io](https://github.com/socketio/socket.io) | `4.5.2` | `4.8.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.75.6` | `2.80.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.2` | `7.29.0` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.2` | `3.3.5` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.4.1` | `3.4.4` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.0` | `1.20.4` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.11` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [ip](https://github.com/indutny/node-ip) | `1.1.8` | `removed` |\n| [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `decode-uri-component` from 0.2.0 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/releases\"\u003edecode-uri-component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent overwriting previously decoded tokens  980e0bf\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to GitHub workflows  76abc93\u003c/li\u003e\n\u003cli\u003eFix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e  746ca5d\u003c/li\u003e\n\u003cli\u003eUpdate license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)  486d7e2\u003c/li\u003e\n\u003cli\u003eTidelift tasks  a650457\u003c/li\u003e\n\u003cli\u003eMeta tweaks  66e1c28\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb\"\u003e\u003ccode\u003ea0eea46\u003c/code\u003e\u003c/a\u003e 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152\"\u003e\u003ccode\u003e980e0bf\u003c/code\u003e\u003c/a\u003e Prevent overwriting previously decoded tokens\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33\"\u003e\u003ccode\u003e3c8a373\u003c/code\u003e\u003c/a\u003e 0.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3\"\u003e\u003ccode\u003e76abc93\u003c/code\u003e\u003c/a\u003e Switch to GitHub workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9\"\u003e\u003ccode\u003e746ca5d\u003c/code\u003e\u003c/a\u003e Fix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30\"\u003e\u003ccode\u003e486d7e2\u003c/code\u003e\u003c/a\u003e Update license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134\"\u003e\u003ccode\u003ea650457\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02\"\u003e\u003ccode\u003e66e1c28\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `dompurify`\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prismjs` from 1.28.0 to 1.30.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PrismJS/prism/releases\"\u003eprismjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.30.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echeck that \u003ccode\u003ecurrentScript\u003c/code\u003e is set by a script tag by \u003ca href=\"https://github.com/lkuechler\"\u003e\u003ccode\u003e@​lkuechler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/PrismJS/prism/pull/3863\"\u003ePrismJS/prism#3863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lkuechler\"\u003e\u003ccode\u003e@​lkuechler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/PrismJS/prism/pull/3863\"\u003ePrismJS/prism#3863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/PrismJS/prism/compare/v1.29.0...v1.30.0\"\u003ehttps://github.com/PrismJS/prism/compare/v1.29.0...v1.30.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003cp\u003eRelease 1.29.0\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PrismJS/prism/blob/v2/CHANGELOG.md\"\u003eprismjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ePrism Changelog\u003c/h1\u003e\n\u003ch2\u003e1.29.0 (2022-08-23)\u003c/h2\u003e\n\u003ch3\u003eNew components\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBBj\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3511\"\u003e#3511\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/1134bdfc\"\u003e\u003ccode\u003e1134bdfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBQN\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3515\"\u003e#3515\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/859f99a0\"\u003e\u003ccode\u003e859f99a0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCilk/C\u003c/strong\u003e \u0026amp; \u003cstrong\u003eCilk/C++\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3522\"\u003e#3522\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/c8462a29\"\u003e\u003ccode\u003ec8462a29\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGradle\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3443\"\u003e#3443\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/32119823\"\u003e\u003ccode\u003e32119823\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMETAFONT\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3465\"\u003e#3465\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/2815f699\"\u003e\u003ccode\u003e2815f699\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWGSL\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3455\"\u003e#3455\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/4c87d418\"\u003e\u003ccode\u003e4c87d418\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUpdated components\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAsciiDoc\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eSome regexes are too greedy (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3481\"\u003e#3481\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/c4cbeeaa\"\u003e\u003ccode\u003ec4cbeeaa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBash\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u0026quot;sh\u0026quot; alias (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3509\"\u003e#3509\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/6b824d47\"\u003e\u003ccode\u003e6b824d47\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded support for parameters and the \u003ccode\u003ejava\u003c/code\u003e and \u003ccode\u003esysctl\u003c/code\u003e commands. (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3505\"\u003e#3505\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/b9512b22\"\u003e\u003ccode\u003eb9512b22\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ecargo\u003c/code\u003e command (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3488\"\u003e#3488\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/3e937137\"\u003e\u003ccode\u003e3e937137\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBBj\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eImprove regexes (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3512\"\u003e#3512\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/0cad9ae5\"\u003e\u003ccode\u003e0cad9ae5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed @-rules not accounting for strings (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3438\"\u003e#3438\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/0d4b6cb6\"\u003e\u003ccode\u003e0d4b6cb6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS Extras\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for \u003ccode\u003eRebeccaPurple\u003c/code\u003e color (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3448\"\u003e#3448\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/646b2e0a\"\u003e\u003ccode\u003e646b2e0a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHoon\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed escaped strings (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3473\"\u003e#3473\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/64642716\"\u003e\u003ccode\u003e64642716\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eJava\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for constants (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3507\"\u003e#3507\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/342a0039\"\u003e\u003ccode\u003e342a0039\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMarkup\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed quotes in HTML attribute values (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3442\"\u003e#3442\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/ca8eaeee\"\u003e\u003ccode\u003eca8eaeee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNSIS\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdded missing commands (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3504\"\u003e#3504\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/b0c2a9b4\"\u003e\u003ccode\u003eb0c2a9b4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eScala\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated keywords to support Scala 3 (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3506\"\u003e#3506\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/a090d063\"\u003e\u003ccode\u003ea090d063\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSCSS\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFix casing in title of the \u003ccode\u003escss\u003c/code\u003e lang (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3501\"\u003e#3501\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/2aed9ce7\"\u003e\u003ccode\u003e2aed9ce7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUpdated plugins\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLine Highlight\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAccount for offset when clamping ranges (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3518\"\u003e#3518\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/098e3000\"\u003e\u003ccode\u003e098e3000\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore ranges outside of actual lines (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3475\"\u003e#3475\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/9a4e725b\"\u003e\u003ccode\u003e9a4e725b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNormalize Whitespace\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eAdd configuration via attributes (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3467\"\u003e#3467\u003c/a\u003e) \u003ca href=\"https://github.com/PrismJS/prism/commit/91dea0c8\"\u003e\u003ccode\u003e91dea0c8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/76dde18a575831c91491895193f56081ac08b0c5\"\u003e\u003ccode\u003e76dde18\u003c/code\u003e\u003c/a\u003e Release 1.30.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/93cca40b364215210f23a9e35f085a682a2b8175\"\u003e\u003ccode\u003e93cca40\u003c/code\u003e\u003c/a\u003e npm pkg fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/99c5ca970f18f744d75e473573d4679100f87086\"\u003e\u003ccode\u003e99c5ca9\u003c/code\u003e\u003c/a\u003e Add release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/8e8b9352dac64457194dd9e51096b4772532e53d\"\u003e\u003ccode\u003e8e8b935\u003c/code\u003e\u003c/a\u003e check that currentScript is set by a script tag (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3863\"\u003e#3863\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/f894dc2cbb507f565a046fed844fd541f07aa191\"\u003e\u003ccode\u003ef894dc2\u003c/code\u003e\u003c/a\u003e Fix logo in the footer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/ac38dcec9bea6bac064a7264b7aeba086e3102bf\"\u003e\u003ccode\u003eac38dce\u003c/code\u003e\u003c/a\u003e Delete CNAME\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/9b5b09aef4dc2c18c28d2f5a6244d4efcc6ab5cb\"\u003e\u003ccode\u003e9b5b09a\u003c/code\u003e\u003c/a\u003e Enable CORS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/59e5a3471377057de1f401ba38337aca27b80e03\"\u003e\u003ccode\u003e59e5a34\u003c/code\u003e\u003c/a\u003e 1.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/cd080f25ba12ef792d11468f5633fbbb23fd390e\"\u003e\u003ccode\u003ecd080f2\u003c/code\u003e\u003c/a\u003e Updated npmignore to include new MD files (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3534\"\u003e#3534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PrismJS/prism/commit/751664bd300b16b7b715e544de5a164b91b03075\"\u003e\u003ccode\u003e751664b\u003c/code\u003e\u003c/a\u003e Added PR stop notice (\u003ca href=\"https://redirect.github.com/PrismJS/prism/issues/3532\"\u003e#3532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PrismJS/prism/compare/v1.28.0...v1.30.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~dmitrysharabin\"\u003edmitrysharabin\u003c/a\u003e, a new releaser for prismjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.18.0 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 7.5.7 to 7.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.5.10\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported e55e5106 to the 7.x release line (22c28763).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.9\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported bc8bd34e to the 7.x release line (0435e6e1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.8\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported 0fdcc0af to the 7.x release line (2758ed35).\u003c/li\u003e\n\u003cli\u003eBackported d68ba9e1 to the 7.x release line (dc1781bc).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d962d70649e393841ee1ed726a8f7ffbe90d0c06\"\u003e\u003ccode\u003ed962d70\u003c/code\u003e\u003c/a\u003e [dist] 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f\"\u003e\u003ccode\u003e22c2876\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8a78f8770618cc5a1ade485a7445cb6d6f46e2f2\"\u003e\u003ccode\u003e8a78f87\u003c/code\u003e\u003c/a\u003e [dist] 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/0435e6e12b8d38992cf0651cb8605dde2294bd25\"\u003e\u003ccode\u003e0435e6e\u003c/code\u003e\u003c/a\u003e [security] Fix same host check for ws+unix: redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/4271f07cfc95cf7e1936388fb69e22a3731fa260\"\u003e\u003ccode\u003e4271f07\u003c/code\u003e\u003c/a\u003e [dist] 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/dc1781bc319cb347878d11cf730947d0bef69a51\"\u003e\u003ccode\u003edc1781b\u003c/code\u003e\u003c/a\u003e [security] Drop sensitive headers when following insecure redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2758ed355073105a60b8b836b25265b8cdcb3b42\"\u003e\u003ccode\u003e2758ed3\u003c/code\u003e\u003c/a\u003e [fix] Abort the handshake if the Upgrade header is invalid\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/7.5.7...7.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 7.5.7 to 7.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.5.10\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported e55e5106 to the 7.x release line (22c28763).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.9\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported bc8bd34e to the 7.x release line (0435e6e1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.8\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported 0fdcc0af to the 7.x release line (2758ed35).\u003c/li\u003e\n\u003cli\u003eBackported d68ba9e1 to the 7.x release line (dc1781bc).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d962d70649e393841ee1ed726a8f7ffbe90d0c06\"\u003e\u003ccode\u003ed962d70\u003c/code\u003e\u003c/a\u003e [dist] 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f\"\u003e\u003ccode\u003e22c2876\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8a78f8770618cc5a1ade485a7445cb6d6f46e2f2\"\u003e\u003ccode\u003e8a78f87\u003c/code\u003e\u003c/a\u003e [dist] 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/0435e6e12b8d38992cf0651cb8605dde2294bd25\"\u003e\u003ccode\u003e0435e6e\u003c/code\u003e\u003c/a\u003e [security] Fix same host check for ws+unix: redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/4271f07cfc95cf7e1936388fb69e22a3731fa260\"\u003e\u003ccode\u003e4271f07\u003c/code\u003e\u003c/a\u003e [dist] 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/dc1781bc319cb347878d11cf730947d0bef69a51\"\u003e\u003ccode\u003edc1781b\u003c/code\u003e\u003c/a\u003e [security] Drop sensitive headers when following insecure redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2758ed355073105a60b8b836b25265b8cdcb3b42\"\u003e\u003ccode\u003e2758ed3\u003c/code\u003e\u003c/a\u003e [fix] Abort the handshake if the Upgrade header is invalid\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/7.5.7...7.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 4.5.2 to 4.8.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esocket.io@4.8.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edo not throw when calling io.close() on a stopped server (\u003ca href=\"https://github.com/socketio/socket.io/commit/9581f9bcfd0c0fa8cb16eae1604c6a727af21efa\"\u003e9581f9b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.6.0\"\u003e\u003ccode\u003eengine.io@~6.6.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.18.3\"\u003e\u003ccode\u003ews@~8.18.3\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-client@4.8.3\u003c/h2\u003e\n\u003cp\u003eThere were some minor bug fixes on the server side, which mandate a client bump.\u003c/p\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io-client/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io-client@~6.6.1\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.18.3\"\u003e\u003ccode\u003ews@~8.18.3\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/websockets/ws/compare/8.17.1...8.18.3\"\u003ediff\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io@4.8.2\u003c/h2\u003e\n\u003cp\u003eThe \u003ccode\u003eurl.parse()\u003c/code\u003e function is now deprecated and has been replaced by \u003ccode\u003enew URL()\u003c/code\u003e (see \u003ca href=\"https://github.com/socketio/socket.io/commit/8af70195bb8c5bc3efe9685997ab6373fb8b1ca9\"\u003e8af7019\u003c/a\u003e).\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecall adapter.init() when creating each namespace (\u003ca href=\"https://github.com/socketio/socket.io/commit/f3e1f5ebdf59158d0c8d1e20f8230275617fb355\"\u003ef3e1f5e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eimprove \u003ccode\u003eio.close()\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/5344\"\u003e#5344\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/bb0b480d2ab3108a8ae255b539015da451fdb249\"\u003ebb0b480\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.6.0\"\u003e\u003ccode\u003eengine.io@~6.6.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.18.3\"\u003e\u003ccode\u003ews@~8.18.3\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/websockets/ws/compare/8.17.1...8.18.3\"\u003ediff\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-client@4.8.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebundle\u003c/strong\u003e: do not mangle the \u0026quot;_placeholder\u0026quot; attribute (bis) (\u003ca href=\"https://github.com/socketio/socket.io/commit/cdae01983a8ae840fc9812875a8b88166b377c11\"\u003ecdae019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrain queue before emitting \u0026quot;connect\u0026quot; (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/5259\"\u003e#5259\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/d19928e8d8b325310274031ed7de2ddc93ebb589\"\u003ed19928e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io-client/releases/tag/6.6.1\"\u003e\u003ccode\u003eengine.io-client@~6.6.1\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.17.1\"\u003e\u003ccode\u003ews@~8.17.1\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io@4.8.1\u003c/h2\u003e\n\u003cp\u003eDue to a change in the bundler configuration, the production bundle (\u003ccode\u003esocket.io.min.js\u003c/code\u003e) did not support sending and receiving binary data in version \u003ccode\u003e4.8.0\u003c/code\u003e. This is now fixed.\u003c/p\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/9978574e4f1d4e21593497f94c40053cd0fff359\"\u003e\u003ccode\u003e9978574\u003c/code\u003e\u003c/a\u003e chore(release): socket.io@4.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e9e5bed4f2df269d228573325f25e10ec9dee6f3\"\u003e\u003ccode\u003ee9e5bed\u003c/code\u003e\u003c/a\u003e chore(release): socket.io-client@4.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/9581f9bcfd0c0fa8cb16eae1604c6a727af21efa\"\u003e\u003ccode\u003e9581f9b\u003c/code\u003e\u003c/a\u003e fix(sio): do not throw when calling io.close() on a stopped server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/579d43f33f93503a936a133a59c1dcc1b8440c3d\"\u003e\u003ccode\u003e579d43f\u003c/code\u003e\u003c/a\u003e refactor: remove unused files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/ee9aac31342da4ccad8e9bfe5b98081701037f32\"\u003e\u003ccode\u003eee9aac3\u003c/code\u003e\u003c/a\u003e chore(release): socket.io-parser@4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/968277cef8cf429a001c2c51b3ab7fd25b9836ef\"\u003e\u003ccode\u003e968277c\u003c/code\u003e\u003c/a\u003e chore(release): socket.io-adapter@2.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/2bf16bd214b5c12a90f4c2dad88bfbea2858df10\"\u003e\u003ccode\u003e2bf16bd\u003c/code\u003e\u003c/a\u003e chore(release): engine.io-client@6.6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/ad616070b8d845486fb5f1576205f70fff89723d\"\u003e\u003ccode\u003ead61607\u003c/code\u003e\u003c/a\u003e docs(eio): fix link in the release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/dd717924556d18b4453b63465fbf9b7c32788ac6\"\u003e\u003ccode\u003edd71792\u003c/code\u003e\u003c/a\u003e chore(release): socket.io@4.8.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/bb0b480d2ab3108a8ae255b539015da451fdb249\"\u003e\u003ccode\u003ebb0b480\u003c/code\u003e\u003c/a\u003e fix(sio): improve \u003ccode\u003eio.close()\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/5344\"\u003e#5344\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/4.5.2...socket.io@4.8.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for socket.io since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 2.70.2 to 2.80.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev.2.79.2\u003c/h2\u003e\n\u003ch2\u003e2.79.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2024-09-26\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5671\"\u003e#5671\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/5671\"\u003e#5671\u003c/a\u003e: Fix DOM Clobbering CVE (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/v2.80.0/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.80.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6277\"\u003e#6277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6277\"\u003e#6277\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2024-09-26\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolve CVE-2024-43788 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5677\"\u003e#5677\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/5677\"\u003e#5677\u003c/a\u003e: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (\u003ca href=\"https://github.com/fabianszabo\"\u003e\u003ccode\u003e@​fabianszabo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2022-09-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid massive performance degradation when creating thousands of chunks (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4643\"\u003e#4643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4639\"\u003e#4639\u003c/a\u003e: fix: typo docs and contributors link in CONTRIBUTING.md (\u003ca href=\"https://github.com/takurinton\"\u003e\u003ccode\u003e@​takurinton\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4641\"\u003e#4641\u003c/a\u003e: Update type definition of resolveId (\u003ca href=\"https://github.com/ivanjonas\"\u003e\u003ccode\u003e@​ivanjonas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4643\"\u003e#4643\u003c/a\u003e: Improve performance of chunk naming collision check (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2022-08-31\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eamd.forceJsExtensionForImports\u003c/code\u003e to enforce using \u003ccode\u003e.js\u003c/code\u003e extensions for relative AMD imports (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4607\"\u003e#4607\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4607\"\u003e#4607\u003c/a\u003e: add option to keep extensions for amd (\u003ca href=\"https://github.com/wh1tevs\"\u003e\u003ccode\u003e@​wh1tevs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d17ae15336a45c3c59b2a4aacac2b14186035d28\"\u003e\u003ccode\u003ed17ae15\u003c/code\u003e\u003c/a\u003e 2.80.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3\"\u003e\u003ccode\u003ed6dee5e\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6277\"\u003e#6277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c9bd03d12e96c46122a0372d3bbe9b468cee57da\"\u003e\u003ccode\u003ec9bd03d\u003c/code\u003e\u003c/a\u003e 2.79.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/48aef33cf2f2a6dfb175afb3bcd6a977c81f1d5c\"\u003e\u003ccode\u003e48aef33\u003c/code\u003e\u003c/a\u003e fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5677\"\u003e#5677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/69ff4181e701a0fe0026d0ba147f31bc86beffa8\"\u003e\u003ccode\u003e69ff418\u003c/code\u003e\u003c/a\u003e 2.79.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/04dce1bc734c22924b02c3d57061710dcb6395e4\"\u003e\u003ccode\u003e04dce1b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/159137e6425a97c126645110d19d0533643d5ee7\"\u003e\u003ccode\u003e159137e\u003c/code\u003e\u003c/a\u003e fix: typo docs and contributors link in CONTRIBUTING.md (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4639\"\u003e#4639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e1392b3905de33dc432a5692f9a6ec60103ea2f6\"\u003e\u003ccode\u003ee1392b3\u003c/code\u003e\u003c/a\u003e Update type definition of resolveId (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4641\"\u003e#4641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7836357aaeb1fb103318bca3f0ee8beacdec0470\"\u003e\u003ccode\u003e7836357\u003c/code\u003e\u003c/a\u003e Improve performance of chunk naming collision check (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4643\"\u003e#4643\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/71d20c9d4a75b51b95c56df43ba1efd934158acb\"\u003e\u003ccode\u003e71d20c9\u003c/code\u003e\u003c/a\u003e Reduce permissions for repl-artefacts.yml workflow (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4630\"\u003e#4630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v2.70.2...v2.80.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.17.9 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"ht...\n\n_Description has been truncated_","html_url":"https://github.com/Surfndez/PWABuilder/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Surfndez%2FPWABuilder/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.12.3","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-04-10T03:36:59.000Z","version_change":"1.12.3 → 1.16.3","issue":{"uuid":"4236360278","node_id":"PR_kwDOBY-BTM7RU7C1","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-10T03:36:59.000Z","updated_at":"2026-04-10T03:37:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"jquery","old_version":"3.2.1","new_version":"3.5.0","repository_url":"https://github.com/jquery/jquery"},{"name":"grunt","old_version":"0.4.5","new_version":"1.6.1","repository_url":"https://github.com/gruntjs/grunt"},{"name":"ajv","old_version":"4.11.8","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"request","old_version":"2.81.0","new_version":"2.88.2","repository_url":"https://github.com/request/request"},{"name":"deep-extend","old_version":"0.4.2","new_version":"0.6.0","repository_url":"https://github.com/unclechu/node-deep-extend"},{"name":"minimist","old_version":"1.2.0","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"ini","old_version":"1.3.4","new_version":"1.3.8","repository_url":"https://github.com/npm/ini"},{"name":"morgan","old_version":"1.8.2","new_version":"1.10.1","repository_url":"https://github.com/expressjs/morgan"},{"name":"send","old_version":"0.15.3","new_version":"0.19.2","repository_url":"https://github.com/pillarjs/send"},{"name":"serve-static","old_version":"1.12.3","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [jquery](https://github.com/jquery/jquery) | `3.2.1` | `3.5.0` |\n| [grunt](https://github.com/gruntjs/grunt) | `0.4.5` | `1.6.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `4.11.8` | `6.14.0` |\n| [request](https://github.com/request/request) | `2.81.0` | `2.88.2` |\n| [deep-extend](https://github.com/unclechu/node-deep-extend) | `0.4.2` | `0.6.0` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` |\n| [ini](https://github.com/npm/ini) | `1.3.4` | `1.3.8` |\n| [morgan](https://github.com/expressjs/morgan) | `1.8.2` | `1.10.1` |\n| [send](https://github.com/pillarjs/send) | `0.15.3` | `0.19.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.12.3` | `1.16.3` |\n\n\nUpdates `jquery` from 3.2.1 to 3.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jquery/jquery/releases\"\u003ejquery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejQuery 3.5.0 Released!\u003c/h2\u003e\n\u003cp\u003eSee the blog post:\n\u003ca href=\"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\"\u003ehttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\u003c/a\u003e\nand the upgrade guide:\n\u003ca href=\"https://jquery.com/upgrade-guide/3.5/\"\u003ehttps://jquery.com/upgrade-guide/3.5/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE:\u003c/strong\u003e Despite being a minor release, this update includes a breaking change that we had to make to fix \u003ca href=\"https://github.com/advisories/GHSA-gxr4-xjj5-5px2\"\u003ea security issue\u003c/a\u003e ( \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2020-11022\"\u003e\u003ccode\u003eCVE-2020-11022\u003c/code\u003e\u003c/a\u003e). Please follow the blog post \u0026amp; the upgrade guide for more details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/7a0a850f3d41c0412609c1d32b1e602d4afe2f4e\"\u003e\u003ccode\u003e7a0a850\u003c/code\u003e\u003c/a\u003e 3.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/8570a08f6689223aa06ca8cc51d488c6d81d44f9\"\u003e\u003ccode\u003e8570a08\u003c/code\u003e\u003c/a\u003e Release: Update AUTHORS.txt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/da3dd85b63c4e3a6a768132c2a83a1a6eec24840\"\u003e\u003ccode\u003eda3dd85\u003c/code\u003e\u003c/a\u003e Ajax: Do not execute scripts for unsuccessful HTTP responses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/065143c2e93512eb0c82d1b344b71d06eb7cf01c\"\u003e\u003ccode\u003e065143c\u003c/code\u003e\u003c/a\u003e Ajax: Overwrite s.contentType with content-type header value, if any\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/1a4f10ddc37c34c6dc3a451ee451b5c6cf367399\"\u003e\u003ccode\u003e1a4f10d\u003c/code\u003e\u003c/a\u003e Tests: Blacklist one focusin test in IE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/9e15d6b469556eccfa607c5ecf53b20c84529125\"\u003e\u003ccode\u003e9e15d6b\u003c/code\u003e\u003c/a\u003e Event: Use only one focusin/out handler per matching window \u0026amp; document\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/966a70909019aa09632c87c0002c522fa4a1e30e\"\u003e\u003ccode\u003e966a709\u003c/code\u003e\u003c/a\u003e Manipulation: Skip the select wrapper for \u0026lt;option\u0026gt; outside of IE 9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77\"\u003e\u003ccode\u003e1d61fd9\u003c/code\u003e\u003c/a\u003e Manipulation: Make jQuery.htmlPrefilter an identity function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/04bf577e2f961c9dde85ddadc77f71bc7bc671cc\"\u003e\u003ccode\u003e04bf577\u003c/code\u003e\u003c/a\u003e Selector: Update Sizzle from 2.3.4 to 2.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/7506c9ca62a2f3ef773e19385918c31e9d62d412\"\u003e\u003ccode\u003e7506c9c\u003c/code\u003e\u003c/a\u003e Build: Resolve Travis config warnings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jquery/jquery/compare/3.2.1...3.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mgol\"\u003emgol\u003c/a\u003e, a new releaser for jquery since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `grunt` from 0.4.5 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/releases\"\u003egrunt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChangelog updates  72f6f03\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1755\"\u003e#1755\u003c/a\u003e from gruntjs/rm-dep  8d4c183\u003c/li\u003e\n\u003cli\u003eAdd recursive  1c7d483\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1756\"\u003e#1756\u003c/a\u003e from gruntjs/downgrade-glob  2d4fd38\u003c/li\u003e\n\u003cli\u003eDowngrade glob  902db7c\u003c/li\u003e\n\u003cli\u003eFix syntax  494f243\u003c/li\u003e\n\u003cli\u003eremove mkdirp  b01389e\u003c/li\u003e\n\u003cli\u003eremove dep on rimraf and mkdirp  0072510\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1750\"\u003e#1750\u003c/a\u003e from gruntjs/dep-update-jan28  2805dc3\u003c/li\u003e\n\u003cli\u003eREADME updates  3f1e423\u003c/li\u003e\n\u003cli\u003eBump to 16  8fd096d\u003c/li\u003e\n\u003cli\u003eUpdate more deps  42c5f95\u003c/li\u003e\n\u003cli\u003eBump eslint and node version  1d88050\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1745\"\u003e#1745\u003c/a\u003e from gruntjs/fix-copy-op  572d79b\u003c/li\u003e\n\u003cli\u003ePatch up race condition in symlink copying.  58016ff\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1746\"\u003e#1746\u003c/a\u003e from JamieSlome/patch-1  0749e1d\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md  69b7c50\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Changelog  7f15fd5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1743\"\u003e#1743\u003c/a\u003e from gruntjs/cleanup-link  b0ec6e1\u003c/li\u003e\n\u003cli\u003eClean up link handling  433f91b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1742\"\u003e#1742\u003c/a\u003e from gruntjs/update-symlink-test  ad22608\u003c/li\u003e\n\u003cli\u003eFix symlink test  0652305\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated changelog  b2b2c2b\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1740\"\u003e#1740\u003c/a\u003e from gruntjs/update-deps-22-10  3eda6ae\u003c/li\u003e\n\u003cli\u003eUpdate testing matrix  47d32de\u003c/li\u003e\n\u003cli\u003eMore updates  2e9161c\u003c/li\u003e\n\u003cli\u003eRemove console log  04b960e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies, tests...  aad3d45\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1736\"\u003e#1736\u003c/a\u003e from justlep/main  fdc7056\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/blob/main/CHANGELOG\"\u003egrunt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.6.1\ndate: 2023-01-31\nchanges:\n- Downgrades to glob 7 for Windows compatability\n- Removes mkdirp and rimraf in favour of node.js APIs.\nv1.6.0\ndate: 2023-01-28\nchanges:\n- Requires node.js 16+.\n- template.date now uses dateformat ~4.6.2.\n- other dependency updates such as glob, rimraf, etc.\nv1.5.3\ndate: 2022-04-23\nchanges:\n- Patch up race condition in symlink copying.\nv1.5.2\ndate: 2022-04-12\nchanges:\n- Unlink symlinks when copy destination is a symlink.\nv1.5.1\ndate: 2022-04-11\nchanges:\n- Fixed symlink destination handling.\nv1.5.0\ndate: 2022-04-10\nchanges:\n- Updated dependencies.\n- Add symlink handling for copying files.\nv1.4.1\ndate: 2021-05-24\nchanges:\n- Fix --preload option to be a known option\n- Switch to GitHub Actions\nv1.4.0\ndate: 2021-04-21\nchanges:\n- Security fixes in production and dev dependencies\n- Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: \u003ca href=\"https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\"\u003ehttps://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\u003c/a\u003e.\nv1.3.0\ndate: 2020-08-18\nchanges:\n- Switch to use \u003ccode\u003esafeLoad\u003c/code\u003e for loading YML files via \u003ccode\u003efile.readYAML\u003c/code\u003e.\n- Upgrade legacy-log to ~3.0.0.\n- Upgrade legacy-util to ~2.0.0.\nv1.2.1\ndate: 2020-07-07\nchanges:\n- Remove path-is-absolute dependency.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1715\"\u003egruntjs/grunt#1715\u003c/a\u003e)\nv1.2.0\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/8372e118eb8c4c6d40e9c6c5684948a786dee8a9\"\u003e\u003ccode\u003e8372e11\u003c/code\u003e\u003c/a\u003e 1.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/72f6f034edc004cc72bbf4caab1d53843f130546\"\u003e\u003ccode\u003e72f6f03\u003c/code\u003e\u003c/a\u003e Changelog updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/8d4c183448650abe213cb29a93598649c4060d84\"\u003e\u003ccode\u003e8d4c183\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1755\"\u003e#1755\u003c/a\u003e from gruntjs/rm-dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/1c7d48399766cb1a0ca48ce57cee16b2478ed842\"\u003e\u003ccode\u003e1c7d483\u003c/code\u003e\u003c/a\u003e Add recursive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/2d4fd381a48590b2fb18d7b2cc8865470ed54f1b\"\u003e\u003ccode\u003e2d4fd38\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1756\"\u003e#1756\u003c/a\u003e from gruntjs/downgrade-glob\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/902db7c6ff5d046e88366bb94cf06ee484e33f49\"\u003e\u003ccode\u003e902db7c\u003c/code\u003e\u003c/a\u003e Downgrade glob\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/494f243d0cf82238c8d242772ee7c52d4416a0dd\"\u003e\u003ccode\u003e494f243\u003c/code\u003e\u003c/a\u003e Fix syntax\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/b01389ea6a5b6a4fc32471c739a41460a9f611cb\"\u003e\u003ccode\u003eb01389e\u003c/code\u003e\u003c/a\u003e remove mkdirp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/0072510057b3d35260a63c951f4bc86d761a4838\"\u003e\u003ccode\u003e0072510\u003c/code\u003e\u003c/a\u003e remove dep on rimraf and mkdirp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/0afeb5c631199d806fa560c680987dd907263b83\"\u003e\u003ccode\u003e0afeb5c\u003c/code\u003e\u003c/a\u003e 1.6.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gruntjs/grunt/compare/v0.4.5...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~vladikoff\"\u003evladikoff\u003c/a\u003e, a new releaser for grunt since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 4.11.8 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.12.6\u003c/h2\u003e\n\u003cp\u003eFix performance issue of \u0026quot;url\u0026quot; format.\u003c/p\u003e\n\u003ch2\u003ev6.12.5\u003c/h2\u003e\n\u003cp\u003eFix uri scheme validation (\u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e).\nFix boolean schemas with strictKeywords option (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1270\"\u003e#1270\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.4\u003c/h2\u003e\n\u003cp\u003eFix: coercion of one-item arrays to scalar that should fail validation (\u003ca href=\"https://runkit.com/esp/5f3672ba2f6642001ae27411\"\u003efailing example\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003ev6.12.3\u003c/h2\u003e\n\u003cp\u003ePass schema object to processCode function\nOption for strictNumbers (\u003ca href=\"https://github.com/issacgerges\"\u003e\u003ccode\u003e@​issacgerges\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1128\"\u003e#1128\u003c/a\u003e)\nFixed vulnerability related to untrusted schemas (\u003ca href=\"https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-15366\"\u003eCVE-2020-15366\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.2\u003c/h2\u003e\n\u003cp\u003eRemoved post-install script\u003c/p\u003e\n\u003ch2\u003ev6.12.1\u003c/h2\u003e\n\u003cp\u003eDocs and dependency updates\u003c/p\u003e\n\u003ch2\u003ev6.12.0\u003c/h2\u003e\n\u003cp\u003eImproved hostname validation (\u003ca href=\"https://github.com/sambauers\"\u003e\u003ccode\u003e@​sambauers\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1143\"\u003e#1143\u003c/a\u003e)\nOption \u003ccode\u003ekeywords\u003c/code\u003e to add custom keywords (\u003ca href=\"https://github.com/franciscomorais\"\u003e\u003ccode\u003e@​franciscomorais\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1137\"\u003e#1137\u003c/a\u003e)\nTypes fixes (\u003ca href=\"https://github.com/boenrobot\"\u003e\u003ccode\u003e@​boenrobot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/MattiAstedrone\"\u003e\u003ccode\u003e@​MattiAstedrone\u003c/code\u003e\u003c/a\u003e)\nDocs:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/epoberezkin/ajv#error-logging\"\u003eerror logging\u003c/a\u003e example (\u003ca href=\"https://github.com/RadiationSickness\"\u003e\u003ccode\u003e@​RadiationSickness\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTypeScript usage notes (\u003ca href=\"https://github.com/thetric\"\u003e\u003ccode\u003e@​thetric\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.11.0\u003c/h2\u003e\n\u003cp\u003eTime formats support two digit and colon-less variants of timezone offset (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1061\"\u003e#1061\u003c/a\u003e , \u003ca href=\"https://github.com/cjpillsbury\"\u003e\u003ccode\u003e@​cjpillsbury\u003c/code\u003e\u003c/a\u003e)\nDocs: RegExp related security considerations\nTests: Disabled failing typescript test\u003c/p\u003e\n\u003ch2\u003ev6.10.2\u003c/h2\u003e\n\u003cp\u003eFix: the unknown keywords were ignored with the option \u003ccode\u003estrictKeywords: true\u003c/code\u003e (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.\u003c/p\u003e\n\u003ch2\u003ev6.10.1\u003c/h2\u003e\n\u003cp\u003eFix types\nFix addSchema (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1001\"\u003e#1001\u003c/a\u003e)\nUpdate dependencies\u003c/p\u003e\n\u003ch2\u003ev6.10.0\u003c/h2\u003e\n\u003cp\u003eOption \u003ccode\u003estrictDefaults\u003c/code\u003e to report ignored defaults (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/957\"\u003e#957\u003c/a\u003e, \u003ca href=\"https://github.com/not-an-aardvark\"\u003e\u003ccode\u003e@​not-an-aardvark\u003c/code\u003e\u003c/a\u003e)\nOption \u003ccode\u003estrictKeywords\u003c/code\u003e to report unknown keywords (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/781\"\u003e#781\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.9.0\u003c/h2\u003e\n\u003cp\u003eOpenAPI keyword \u003ccode\u003enullable\u003c/code\u003e can be any boolean (and not only \u003ccode\u003etrue\u003c/code\u003e).\nCustom keyword definition changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edependencies\u003c/code\u003e option in  to require the presence of keywords in the same schema.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fe591439f34e24030f69df9eb8d91e6d037a3af7\"\u003e\u003ccode\u003efe59143\u003c/code\u003e\u003c/a\u003e 6.12.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d580d3e8ac6a467670d68d86e3a39fd661ac8c23\"\u003e\u003ccode\u003ed580d3e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1298\"\u003e#1298\u003c/a\u003e from ajv-validator/fix-url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fd363896a8d6c5697b5da41f4d9a400a84efaf8e\"\u003e\u003ccode\u003efd36389\u003c/code\u003e\u003c/a\u003e fix: regular expression for \u0026quot;url\u0026quot; format\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/4.11.8...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `request` from 2.81.0 to 2.88.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/request/request/blob/master/CHANGELOG.md\"\u003erequest's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChange Log\u003c/h2\u003e\n\u003ch3\u003ev2.88.0 (2018/08/10)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2996\"\u003e#2996\u003c/a\u003e fix(uuid): import versioned uuid (\u003ca href=\"https://github.com/kwonoj\"\u003e\u003ccode\u003e@​kwonoj\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2994\"\u003e#2994\u003c/a\u003e Update to oauth-sign 0.9.0 (\u003ca href=\"https://github.com/dlecocq\"\u003e\u003ccode\u003e@​dlecocq\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2993\"\u003e#2993\u003c/a\u003e Fix header tests (\u003ca href=\"https://github.com/simov\"\u003e\u003ccode\u003e@​simov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2904\"\u003e#2904\u003c/a\u003e \u003ca href=\"https://redirect.github.com/request/request/issues/515\"\u003e#515\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/request/request/issues/2894\"\u003e#2894\u003c/a\u003e Strip port suffix from Host header if the protocol is known. (\u003ca href=\"https://redirect.github.com/request/request/issues/2904\"\u003e#2904\u003c/a\u003e) (\u003ca href=\"https://github.com/paambaati\"\u003e\u003ccode\u003e@​paambaati\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2791\"\u003e#2791\u003c/a\u003e Improve AWS SigV4 support. (\u003ca href=\"https://redirect.github.com/request/request/issues/2791\"\u003e#2791\u003c/a\u003e) (\u003ca href=\"https://github.com/vikhyat\"\u003e\u003ccode\u003e@​vikhyat\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2977\"\u003e#2977\u003c/a\u003e Update test certificates (\u003ca href=\"https://github.com/simov\"\u003e\u003ccode\u003e@​simov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.87.0 (2018/05/21)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2943\"\u003e#2943\u003c/a\u003e Replace hawk dependency with a local implemenation (\u003ca href=\"https://redirect.github.com/request/request/issues/2943\"\u003e#2943\u003c/a\u003e) (\u003ca href=\"https://github.com/hueniverse\"\u003e\u003ccode\u003e@​hueniverse\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.86.0 (2018/05/15)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2885\"\u003e#2885\u003c/a\u003e Remove redundant code (for Node.js 0.9.4 and below) and dependency (\u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2942\"\u003e#2942\u003c/a\u003e Make Test GREEN Again! (\u003ca href=\"https://github.com/simov\"\u003e\u003ccode\u003e@​simov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2923\"\u003e#2923\u003c/a\u003e Alterations for failing CI tests (\u003ca href=\"https://github.com/gareth-robinson\"\u003e\u003ccode\u003e@​gareth-robinson\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.85.0 (2018/03/12)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2880\"\u003e#2880\u003c/a\u003e Revert \u0026quot;Update hawk to 7.0.7 (\u003ca href=\"https://redirect.github.com/request/request/issues/2880\"\u003e#2880\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://github.com/simov\"\u003e\u003ccode\u003e@​simov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.84.0 (2018/03/12)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2793\"\u003e#2793\u003c/a\u003e Fixed calculation of oauth_body_hash, issue \u003ca href=\"https://redirect.github.com/request/request/issues/2792\"\u003e#2792\u003c/a\u003e (\u003ca href=\"https://github.com/dvishniakov\"\u003e\u003ccode\u003e@​dvishniakov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2880\"\u003e#2880\u003c/a\u003e Update hawk to 7.0.7 (\u003ca href=\"https://redirect.github.com/request/request/issues/2880\"\u003e#2880\u003c/a\u003e) (\u003ca href=\"https://github.com/kornel-kedzierski\"\u003e\u003ccode\u003e@​kornel-kedzierski\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.83.0 (2017/09/27)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2776\"\u003e#2776\u003c/a\u003e Updating tough-cookie due to security fix. (\u003ca href=\"https://redirect.github.com/request/request/issues/2776\"\u003e#2776\u003c/a\u003e) (\u003ca href=\"https://github.com/karlnorling\"\u003e\u003ccode\u003e@​karlnorling\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.82.0 (2017/09/19)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2703\"\u003e#2703\u003c/a\u003e Add Node.js v8 to Travis CI (\u003ca href=\"https://github.com/ryysud\"\u003e\u003ccode\u003e@​ryysud\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2751\"\u003e#2751\u003c/a\u003e Update of hawk and qs to latest version (\u003ca href=\"https://redirect.github.com/request/request/issues/2751\"\u003e#2751\u003c/a\u003e) (\u003ca href=\"https://github.com/Olivier-Moreau\"\u003e\u003ccode\u003e@​Olivier-Moreau\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2658\"\u003e#2658\u003c/a\u003e Fixed some text in README.md (\u003ca href=\"https://redirect.github.com/request/request/issues/2658\"\u003e#2658\u003c/a\u003e) (\u003ca href=\"https://github.com/Marketionist\"\u003e\u003ccode\u003e@​Marketionist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2635\"\u003e#2635\u003c/a\u003e chore(package): update aws-sign2 to version 0.7.0 (\u003ca href=\"https://redirect.github.com/request/request/issues/2635\"\u003e#2635\u003c/a\u003e) (\u003ca href=\"https://github.com/greenkeeperio-bot\"\u003e\u003ccode\u003e@​greenkeeperio-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2641\"\u003e#2641\u003c/a\u003e Update README to simplify \u0026amp; update convenience methods (\u003ca href=\"https://redirect.github.com/request/request/issues/2641\"\u003e#2641\u003c/a\u003e) (\u003ca href=\"https://github.com/FredKSchott\"\u003e\u003ccode\u003e@​FredKSchott\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2541\"\u003e#2541\u003c/a\u003e Add convenience method for HTTP OPTIONS (\u003ca href=\"https://redirect.github.com/request/request/issues/2541\"\u003e#2541\u003c/a\u003e) (\u003ca href=\"https://github.com/jamesseanwright\"\u003e\u003ccode\u003e@​jamesseanwright\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2605\"\u003e#2605\u003c/a\u003e Add promise support section to README (\u003ca href=\"https://redirect.github.com/request/request/issues/2605\"\u003e#2605\u003c/a\u003e) (\u003ca href=\"https://github.com/FredKSchott\"\u003e\u003ccode\u003e@​FredKSchott\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2579\"\u003e#2579\u003c/a\u003e refactor(lint): replace eslint with standard (\u003ca href=\"https://redirect.github.com/request/request/issues/2579\"\u003e#2579\u003c/a\u003e) (\u003ca href=\"https://github.com/ahmadnassri\"\u003e\u003ccode\u003e@​ahmadnassri\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2598\"\u003e#2598\u003c/a\u003e Update codecov to version 2.0.2 🚀 (\u003ca href=\"https://github.com/greenkeeperio-bot\"\u003e\u003ccode\u003e@​greenkeeperio-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2590\"\u003e#2590\u003c/a\u003e Adds test-timing keepAlive test (\u003ca href=\"https://github.com/nicjansma\"\u003e\u003ccode\u003e@​nicjansma\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2589\"\u003e#2589\u003c/a\u003e fix tabulation on request example README.MD (\u003ca href=\"https://github.com/odykyi\"\u003e\u003ccode\u003e@​odykyi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/request/request/pull/2594\"\u003e#2594\u003c/a\u003e chore(dependencies): har-validator to 5.x [removes babel dep] (\u003ca href=\"https://github.com/ahmadnassri\"\u003e\u003ccode\u003e@​ahmadnassri\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/request/request/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 0.9.2 to 2.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/29a7bc4c817cbd87c8f5940fbeff32e879457b89\"\u003e\u003ccode\u003e29a7bc4\u003c/code\u003e\u003c/a\u003e Bump to v2.4.2.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/e21e993729861a2bc1d01c858cfabce7a27d2861\"\u003e\u003ccode\u003ee21e993\u003c/code\u003e\u003c/a\u003e Update v2.4.1 docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/0af1a854428b94621527d555d9243b1dc50790f8\"\u003e\u003ccode\u003e0af1a85\u003c/code\u003e\u003c/a\u003e Bump to v2.4.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/10e7bb97ee9f7fb863d7674f8433a215e1dff7a2\"\u003e\u003ccode\u003e10e7bb9\u003c/code\u003e\u003c/a\u003e Add comments to \u003ccode\u003ebaseBind\u003c/code\u003e use of \u003ccode\u003earguments\u003c/code\u003e. [ci skip] [closes \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/416\"\u003e#416\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/c319bbc5f39a28ade36a3b149274be6c077583d4\"\u003e\u003ccode\u003ec319bbc\u003c/code\u003e\u003c/a\u003e Ensure \u003ccode\u003e_.isEqual\u003c/code\u003e performs comparisons between objects with shared property ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9e42f70e5f600ece63926a241ba20bd0f233df37\"\u003e\u003ccode\u003e9e42f70\u003c/code\u003e\u003c/a\u003e Add more \u003ccode\u003elodashBadShim\u003c/code\u003e tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/ff47152187c996015ecc3f834e64903538704c51\"\u003e\u003ccode\u003eff47152\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003emax-duration\u003c/code\u003e option to sauce config.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/94b6ce5ca09dec53f9b8613ce98c23552ef104ab\"\u003e\u003ccode\u003e94b6ce5\u003c/code\u003e\u003c/a\u003e Excuse some underscore \u003ccode\u003e_.debounce\u003c/code\u003e and \u003ccode\u003e_.throttle\u003c/code\u003e tests in sauce.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/8e1020f13447848c9bae83b694c4f9c67b97c62b\"\u003e\u003ccode\u003e8e1020f\u003c/code\u003e\u003c/a\u003e Tweak \u003ccode\u003e_.now\u003c/code\u003e unit test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/be7a0fef4155cc4552276e81152f5e1cfd92271d\"\u003e\u003ccode\u003ebe7a0fe\u003c/code\u003e\u003c/a\u003e Increase sauce idle-timeout from the default of \u003ccode\u003e90\u003c/code\u003e to \u003ccode\u003e300\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/0.9.2...2.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 0.2.14 to 0.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/8970f0f8e07f7cd2f20b09c1c9340f4ffbed573c\"\u003e\u003ccode\u003e8970f0f\u003c/code\u003e\u003c/a\u003e v0.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b5114a7c0976b22069637f5613ca87d393e0154f\"\u003e\u003ccode\u003eb5114a7\u003c/code\u003e\u003c/a\u003e minimatch.match: make options optional\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9be6a33c5791e753c197594361cd3393c6cf7c14\"\u003e\u003ccode\u003e9be6a33\u003c/code\u003e\u003c/a\u003e Relax minimatch.match about 'option' argument\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/e9c0af6d429056db0c785747f98045781ea8f3c2\"\u003e\u003ccode\u003ee9c0af6\u003c/code\u003e\u003c/a\u003e Expand comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/460b8de51be595c2567634c404c5ab08204fc09f\"\u003e\u003ccode\u003e460b8de\u003c/code\u003e\u003c/a\u003e Rename splitFile to filename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/a5223cc2afbd5688ad07a50697e9efb6cef5a200\"\u003e\u003ccode\u003ea5223cc\u003c/code\u003e\u003c/a\u003e Look up basename using already split segments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/6517bde435dc393c365b241d92f70b17d0606c14\"\u003e\u003ccode\u003e6517bde\u003c/code\u003e\u003c/a\u003e Clarify nonull documentation\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v0.2.14...v0.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bl` from 0.9.5 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rvagg/bl/releases\"\u003ebl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003cp\u003eFix unintialized memory access\u003c/p\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove false-positive Apache-exploit (Fixes \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/79\"\u003e#79\u003c/a\u003e). \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/80\"\u003e#80\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003cp\u003eFix unintialized memory access\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ereadable-stream@3 \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/57\"\u003e#57\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003cp\u003eFix unintialized memory access\u003c/p\u003e\n\u003ch2\u003ev2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd indexOf docs \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/60\"\u003e#60\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix empty shallowSlice return \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/65\"\u003e#65\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse ES3 only \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/62\"\u003e#62\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse native indexOf whenever possible \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/61\"\u003e#61\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded indexOf \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/59\"\u003e#59\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003erequire('readable-stream').Duplex\u003c/code\u003e \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/56\"\u003e#56\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for readUIntLE and companions \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/55\"\u003e#55\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse safe-buffer \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/51\"\u003e#51\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eshallowSlice\u003c/code\u003e when the offset are not at the beginning of an internal buffer \u003ca href=\"https://redirect.github.com/rvagg/bl/issues/44\"\u003e#44\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rvagg/bl/blob/master/CHANGELOG.md\"\u003ebl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.5...v6.1.6\"\u003e6.1.6\u003c/a\u003e (2025-12-04)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/setup-node from 6.0.0 to 6.1.0 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/163\"\u003e#163\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/c51e63d1ad01426135f79b09c5a355c4c4fd9df0\"\u003ec51e63d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.4...v6.1.5\"\u003e6.1.5\u003c/a\u003e (2025-11-24)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/162\"\u003e#162\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/823100e600b477b58e425b2fa714f66725d32b2a\"\u003e823100e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.3...v6.1.4\"\u003e6.1.4\u003c/a\u003e (2025-10-15)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/setup-node from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/161\"\u003e#161\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/4f23fa9e1ef6053fe30d37a4f5b7c1a73156cfb9\"\u003e4f23fa9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.2...v6.1.3\"\u003e6.1.3\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/setup-node from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/159\"\u003e#159\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/530e36f1b894dde916b5d453a7b276e4b7fb0223\"\u003e530e36f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.1...v6.1.2\"\u003e6.1.2\u003c/a\u003e (2025-08-12)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/158\"\u003e#158\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/28a385240073abe68517d56d18b442d55b16ebe9\"\u003e28a3852\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.1.0...v6.1.1\"\u003e6.1.1\u003c/a\u003e (2025-08-01)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps-dev:\u003c/strong\u003e bump typescript from 5.8.3 to 5.9.2 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/157\"\u003e#157\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/70f4e160c3146748ed71217b842bab27c04c70ca\"\u003e70f4e16\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.0.20...v6.1.0\"\u003e6.1.0\u003c/a\u003e (2025-03-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded prepend and getBuffers methods. (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/154\"\u003e#154\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/e9eda9549b1235af16afbe0c721f92e705109663\"\u003ee9eda95\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.0.19...v6.0.20\"\u003e6.0.20\u003c/a\u003e (2025-03-03)\u003c/h2\u003e\n\u003ch3\u003eTrivial Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps-dev:\u003c/strong\u003e bump typescript from 5.7.3 to 5.8.2 (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/153\"\u003e#153\u003c/a\u003e) (\u003ca href=\"https://github.com/rvagg/bl/commit/9291cf9ec4b3cdef8c5779c73247844f48943c02\"\u003e9291cf9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rvagg/bl/compare/v6.0.18...v6.0.19\"\u003e6.0.19\u003c/a\u003e (2025-01-28)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/75052a573fcc5174190799f87503cf5da8f6022f\"\u003e\u003ccode\u003e75052a5\u003c/code\u003e\u003c/a\u003e 4.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/88f4f431aea835cab0da4ed33bff452f1568d28d\"\u003e\u003ccode\u003e88f4f43\u003c/code\u003e\u003c/a\u003e Add default read offsets for Node Buffer compatibility (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/bd6fea1f5cf2b428a5203a39e7bfb6ce81d1e65f\"\u003e\u003ccode\u003ebd6fea1\u003c/code\u003e\u003c/a\u003e 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/83f5f045c6e4d4e2df813400339271dcf1ae9d22\"\u003e\u003ccode\u003e83f5f04\u003c/code\u003e\u003c/a\u003e test: add v15 to travis\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/9aa0b029fe1a11f1c8d9c4c7dbaaafb93ec7af94\"\u003e\u003ccode\u003e9aa0b02\u003c/code\u003e\u003c/a\u003e Adds travis jobs on ppc64le\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/4aada6d440b69571a521977547a6d665270fae90\"\u003e\u003ccode\u003e4aada6d\u003c/code\u003e\u003c/a\u003e fix: duplicate license field (\u003ca href=\"https://redirect.github.com/rvagg/bl/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/449a545b46f4a4d4c58d1cd30b1aa2221e32fac7\"\u003e\u003ccode\u003e449a545\u003c/code\u003e\u003c/a\u003e test all branches\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/f659836cc84211cad41b73bad89c78f7f874c626\"\u003e\u003ccode\u003ef659836\u003c/code\u003e\u003c/a\u003e Bumped v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/7a4ae7f818a4ceba234f3d186a1ffb3f0a34ad0c\"\u003e\u003ccode\u003e7a4ae7f\u003c/code\u003e\u003c/a\u003e Node v14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190\"\u003e\u003ccode\u003ed3e240e\u003c/code\u003e\u003c/a\u003e Fix unintialized memory access\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rvagg/bl/compare/v0.9.5...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~matteo.collina\"\u003ematteo.collina\u003c/a\u003e, a new releaser for bl since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `deep-extend` from 0.4.2 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unclechu/node-deep-extend/blob/master/CHANGELOG.md\"\u003edeep-extend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated \u0026quot;devDependencies\u0026quot; versions to fix vulnerability alerts\u003c/li\u003e\n\u003cli\u003eDropped support of io.js and node.js v0.12.x and lower since new versions of\n\u0026quot;devDependencies\u0026quot; couldn't work with those old node.js versions\n(minimal supported version of node.js now is v4.0.0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution vulnerability (thanks to \u003ca href=\"https://github.com/mwakerman\"\u003e\u003ccode\u003e@​mwakerman\u003c/code\u003e\u003c/a\u003e for the PR)\u003c/li\u003e\n\u003cli\u003eAvoid using deprecated Buffer API (thanks to \u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e for the PR)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAuto-testing provided by Travis CI;\u003c/li\u003e\n\u003cli\u003eSupport older Node.JS versions (\u003ccode\u003ev0.11.x\u003c/code\u003e and \u003ccode\u003ev0.10.x\u003c/code\u003e);\u003c/li\u003e\n\u003cli\u003eRemoved tests files from npm package.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/f3f2b4f30fffe8abc9a99a7d6469fb354ca206e9\"\u003e\u003ccode\u003ef3f2b4f\u003c/code\u003e\u003c/a\u003e more versions of node.js to test by travis-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/3d852537d92b7d1382db85128ba7d7ce5fb06df3\"\u003e\u003ccode\u003e3d85253\u003c/code\u003e\u003c/a\u003e package.json: updated \u0026quot;engines\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/8b8aef9074b67a4689ab681d3c19deacc1bb0cc7\"\u003e\u003ccode\u003e8b8aef9\u003c/code\u003e\u003c/a\u003e dropped support of old node.js versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/120fd97d3407f0754e69442ad65ee9531462a6e6\"\u003e\u003ccode\u003e120fd97\u003c/code\u003e\u003c/a\u003e increased \u0026quot;devDependencies\u0026quot; (mocha) up enough to fix vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/235821ae6d53c500909f76001e20f9faa8795d15\"\u003e\u003ccode\u003e235821a\u003c/code\u003e\u003c/a\u003e decreasing versions of \u0026quot;devDependencies\u0026quot; to fix tests for older node versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/a1eb0eb0ad0e124f649f85fe5cacfe288ea01293\"\u003e\u003ccode\u003ea1eb0eb\u003c/code\u003e\u003c/a\u003e README: removed \u0026quot;download\u0026quot; stats badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/7bebe7545251b7cf1f6f96ff630bb8bb53d09e89\"\u003e\u003ccode\u003e7bebe75\u003c/code\u003e\u003c/a\u003e CHANGELOG: info for 0.5.2 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/16b328fc7b54dd22b0b77fa99ef7b281bee90c7b\"\u003e\u003ccode\u003e16b328f\u003c/code\u003e\u003c/a\u003e 0.5.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/0402225f7283392862e2f8c94dd33e1a849dc9cd\"\u003e\u003ccode\u003e0402225\u003c/code\u003e\u003c/a\u003e updated \u0026quot;devDependencies\u0026quot; to fix vulnerability alerts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unclechu/node-deep-extend/commit/2e0110ed4c997bbd9bf29df1692d53494d9e90d4\"\u003e\u003ccode\u003e2e0110e\u003c/code\u003e\u003c/a\u003e prepared v0.5.1 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/unclechu/node-deep-extend/compare/v0.4.2...v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimist` from 1.2.0 to 1.2.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md\"\u003eminimist's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.7...v1.2.8\"\u003ev1.2.8\u003c/a\u003e - 2023-02-09\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/17\"\u003e\u003ccode\u003e[#17](https://github.com/minimistjs/minimist/issues/17)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/12\"\u003e\u003ccode\u003e[#12](https://github.com/minimistjs/minimist/issues/12)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/10\"\u003e\u003ccode\u003e[#10](https://github.com/minimistjs/minimist/issues/10)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/10\"\u003e#10\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix handling of short option with non-trivial equals \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/5\"\u003e\u003ccode\u003e[#5](https://github.com/minimistjs/minimist/issues/5)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tag 'v0.2.3' \u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/5368ca4147e974138a54cc0dc4cea8f756546b70\"\u003e\u003ccode\u003e5368ca4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/e5f5067259ceeaf0b098d14bec910f87e58708c7\"\u003e\u003ccode\u003ee5f5067\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/62fde7d935f83417fb046741531a9e2346a36976\"\u003e\u003ccode\u003e62fde7d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/36ac5d0d95e4947d074e5737d94814034ca335d1\"\u003e\u003ccode\u003e36ac5d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/73923d223553fca08b1ba77e3fbc2a492862ae4c\"\u003e\u003ccode\u003e73923d2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] add reusable workflows \u003ca href=\"https://github.com/minimistjs/minimist/commit/d80727df77bfa9e631044d7f16368d8f09242c91\"\u003e\u003ccode\u003ed80727d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] add eslint; rules to enable later are warnings \u003ca href=\"https://github.com/minimistjs/minimist/commit/48bc06a1b41f00e9cdf183db34f7a51ba70e98d4\"\u003e\u003ccode\u003e48bc06a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation \u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] rename and add badges \u003ca href=\"https://github.com/minimistjs/minimist/commit/5df0fe49211bd09a3636f8686a7cb3012c3e98f0\"\u003e\u003ccode\u003e5df0fe4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] switch from \u003ccode\u003ecovert\u003c/code\u003e to \u003ccode\u003enyc\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/a48b128fdb8d427dfb20a15273f83e38d97bef07\"\u003e\u003ccode\u003ea48b128\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ecovert\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e; remove unnecessary \u003ccode\u003etap\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/f0fb958e9a1fe980cdffc436a211b0bda58f621b\"\u003e\u003ccode\u003ef0fb958\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] create FUNDING.yml; add \u003ccode\u003efunding\u003c/code\u003e in package.json \u003ca href=\"https://github.com/minimistjs/minimist/commit/3639e0c819359a366387e425ab6eabf4c78d3caa\"\u003e\u003ccode\u003e3639e0c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] use \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file \u003ca href=\"https://github.com/minimistjs/minimist/commit/be2e038c342d8333b32f0fde67a0026b79c8150e\"\u003e\u003ccode\u003ebe2e038\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/minimistjs/minimist/commit/282b570e7489d01b03f2d6d3dabf79cd3e5f84cf\"\u003e\u003ccode\u003e282b570\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eisConstructorOrProto adapted from PR \u003ca href=\"https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11\"\u003e\u003ccode\u003eef9153f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/3124ed3e46306301ebb3c834874ce0241555c2c4\"\u003e\u003ccode\u003e3124ed3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/4b927de696d561c636b4f43bf49d4597cb36d6d6\"\u003e\u003ccode\u003e4b927de\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add \u003ccode\u003eaud\u003c/code\u003e in \u003ccode\u003eposttest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/b32d9bd0ab340f4e9f8c3a97ff2a4424f25fab8c\"\u003e\u003ccode\u003eb32d9bd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/minimistjs/minimist/commit/f9fdfc032c54884d9a9996a390c63cd0719bbe1a\"\u003e\u003ccode\u003ef9fdfc0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] Avoid 0.6 tests due to build failures \u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/950eaa74f112e04d23e9c606c67472c46739b473\"\u003e\u003ccode\u003e950eaa7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep \u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge tag 'v0.2.2' \u003ca href=\"https://github.com/minimistjs/minimist/commit/980d7ac61a0b4bd552711251ac107d506b23e41f\"\u003e\u003ccode\u003e980d7ac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.6...v1.2.7\"\u003ev1.2.7\u003c/a\u003e - 2022-10-10\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/6901ee286bc4c16da6830b48b46ce1574703cea1\"\u003e\u003ccode\u003e6901ee2\u003c/code\u003e\u003c/a\u003e v1.2.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e Merge tag 'v0.2.3'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/c0b26618322e94adea26c68e613ef0be482c6c63\"\u003e\u003ccode\u003ec0b2661\u003c/code\u003e\u003c/a\u003e v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/63b8fee87b8e7a003216d5d77ba5d6decf3cfb0d\"\u003e\u003ccode\u003e63b8fee\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/72239e6f0ea77d8be0ad4f682b7ae7d142144395\"\u003e\u003ccode\u003e72239e6\u003c/code\u003e\u003c/a\u003e [Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e [eslint] fix indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/9ec4d279ced72ea2f60237218e71cc03aa0dfdd6\"\u003e\u003ccode\u003e9ec4d27\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e [actions] Avoid 0.6 tests due to build failures\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.0...v1.2.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for minimist since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 2.1.4 to 2.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAdded \u003ccode\u003efilepath\u003c/code\u003e option\u003c/h2\u003e\n\u003cp\u003eThe \u003ccode\u003efilepath\u003c/code\u003e property overrides \u003ccode\u003efilename\u003c/code\u003e and may contain a relative path. This is typically used when uploading \u003ca href=\"https://wicg.github.io/entries-api/#dom-htmlinputelement-webkitdirectory\"\u003emultiple files from a directory\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sebdeckers\"\u003e\u003ccode\u003e@​sebdeckers\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/form-data/form-data/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `getobject` from 0.1.0 to 1.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cowboy/node-getobject/releases\"\u003egetobject's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/8\"\u003e#8\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/path-parse-1.0.7  6f86cf7\u003c/li\u003e\n\u003cli\u003eBump path-parse from 1.0.6 to 1.0.7  6e79841\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/cowboy/node-getobject/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate deps  141e3a5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/7\"\u003e#7\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/hosted-git-info-2.8.9  c97cf3e\u003c/li\u003e\n\u003cli\u003eBump hosted-git-info from 2.8.8 to 2.8.9  201e91b\u003c/li\u003e\n\u003cli\u003eUpdate dev deps  5ffb873\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/cowboy/node-getobject/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/46e55ec15488e995fe61aaf4f91f9264bb5ff36b\"\u003e\u003ccode\u003e46e55ec\u003c/code\u003e\u003c/a\u003e 1.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/6f86cf76f9194ca7ec28a6990717670af47b44dd\"\u003e\u003ccode\u003e6f86cf7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/8\"\u003e#8\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/path-parse-1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/6e7984192ba239a82b5eb606feabb56a11c3c4eb\"\u003e\u003ccode\u003e6e79841\u003c/code\u003e\u003c/a\u003e Bump path-parse from 1.0.6 to 1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/84bd719a3d77a44a22d6d7fa70707659c668d4f2\"\u003e\u003ccode\u003e84bd719\u003c/code\u003e\u003c/a\u003e 1.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/141e3a580adc253e145ca2b7fa909e12244ac836\"\u003e\u003ccode\u003e141e3a5\u003c/code\u003e\u003c/a\u003e Update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/c97cf3e1eb18069d3426a5ec2b4dd5c1e15412a7\"\u003e\u003ccode\u003ec97cf3e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/7\"\u003e#7\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/hosted-git-info-2.8.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/201e91b7ba81a7d820db857c00e8de1ed36fee5e\"\u003e\u003ccode\u003e201e91b\u003c/code\u003e\u003c/a\u003e Bump hosted-git-info from 2.8.8 to 2.8.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/5ffb873fc3197506d7c825d342a07e394300b80c\"\u003e\u003ccode\u003e5ffb873\u003c/code\u003e\u003c/a\u003e Update dev deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/92e0d1f0400a4ff87a91c3569f84768c6c7b3efb\"\u003e\u003ccode\u003e92e0d1f\u003c/code\u003e\u003c/a\u003e 1.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/commit/6828cb984bf73bddd29208bf40ff10cd370e09c1\"\u003e\u003ccode\u003e6828cb9\u003c/code\u003e\u003c/a\u003e README updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cowboy/node-getobject/compare/v0.1.0...v1.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~vladikoff\"\u003evladikoff\u003c/a\u003e, a new releaser for getobject since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ini` from 1.3.4 to 1.3.8\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/a2c5da86604bc2238fe393c5ff083bf23a9910eb\"\u003e\u003ccode\u003ea2c5da8\u003c/code\u003e\u003c/a\u003e 1.3.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/af5c6bb5dca6f0248c153aa87e25bddfc515ff6e\"\u003e\u003ccode\u003eaf5c6bb\u003c/code\u003e\u003c/a\u003e Do not use Object.create(null)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/8b648a1ac49e1b3b7686ea957e0b95e544bc6ec1\"\u003e\u003ccode\u003e8b648a1\u003c/code\u003e\u003c/a\u003e don't test where our devdeps don't even work\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/c74c8af35f32b801a7e82a8309eab792a95932f6\"\u003e\u003ccode\u003ec74c8af\u003c/code\u003e\u003c/a\u003e 1.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/024b8b55ac1c980c6225607b007714c54eb501ba\"\u003e\u003ccode\u003e024b8b5\u003c/code\u003e\u003c/a\u003e update deps, add linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/032fbaf5f0b98fce70c8cc380e0d05177a9c9073\"\u003e\u003ccode\u003e032fbaf\u003c/code\u003e\u003c/a\u003e Use Object.create(null) to avoid default object property hazards\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/2da90391ef70db41d10f013e3a87f9a8c5d01a72\"\u003e\u003ccode\u003e2da9039\u003c/code\u003e\u003c/a\u003e 1.3.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/cfea636f534b5ca7550d2c28b7d1a95d936d56c6\"\u003e\u003ccode\u003ecfea636\u003c/code\u003e\u003c/a\u003e better git push script, before publish instead of after\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1\"\u003e\u003ccode\u003e56d2805\u003c/code\u003e\u003c/a\u003e do not allow invalid hazardous string as section name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/ini/commit/738eca59d77d8cfdddf5c477c17a0d8f8fbfe0fd\"\u003e\u003ccode\u003e738eca5\u003c/code\u003e\u003c/a\u003e v1.3.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/ini/compare/v1.3.4...v1.3.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for ini since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 2.0.5 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/37caaad57dc37d350d9a4577a5da53f482bb2983\"\u003e\u003ccode\u003e37caaad\u003c/code\u003e\u003c/a\u003e 3.14.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/094c0f7a79e6ff9e2b4d50b22686d2586894b58f\"\u003e\u003ccode\u003e094c0f7\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9586ebe23298427d26b3479979bd6499bf3a14c2\"\u003e\u003ccode\u003e9586ebe\u003c/code\u003e\u003c/a\u003e Avoid calling hasOwnProperty of user-controlled objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/34e5072f43fd36b08aaaad433da73c10d47c41e5\"\u003e\u003ccode\u003e34e5072\u003c/code\u003e\u003c/a\u003e 3.14.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/7b25c83a6dc77097c2bf14bf714e168f60ee199b\"\u003e\u003ccode\u003e7b25c83\u003c/code\u003e\u003c/a\u003e Browser files rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/6f7347396867b8dcfc042722c2aae810dfe4caae\"\u003e\u003ccode\u003e6f73473\u003c/code\u003e\u003c/a\u003e Dev deps bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0c293491d903cddcd41b41c165bc45eeb9a8d720\"\u003e\u003ccode\u003e0c29349\u003c/code\u003e\u003c/a\u003e Travis-CI: drop old nodejs versions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/2.0.5...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `json-schema` from 0.2.3 to 0.4.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa\"\u003e\u003ccode\u003ef6f6a3b\u003c/code\u003e\u003c/a\u003e Use a little more robust method of checking instances\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/ef60987a9a14b9d9c739384460044ba53cd9b9a2\"\u003e\u003ccode\u003eef60987\u003c/code\u003e\u003c/a\u003e Update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a\"\u003e\u003ccode\u003eb62f1da\u003c/code\u003e\u003c/a\u003e Protect against constructor modification, \u003ca href=\"https://redirect.github.com/kriszyp/json-schema/issues/84\"\u003e#84\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/fb427cd4d175684786e4b2538718e72453e825e9\"\u003e\u003ccode\u003efb427cd\u003c/code\u003e\u003c/a\u003e Link to json-schema-org repository in addition to site, fixes \u003ca href=\"https://redirect.github.com/kriszyp/json-schema/issues/54\"\u003e#54\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741\"\u003e\u003ccode\u003e22f1461\u003c/code\u003e\u003c/a\u003e Don't allow \u003cstrong\u003eproto\u003c/strong\u003e property to be used for schema default/coerce, fixes \u003ca href=\"https://redirect.github.com/kriszyp/json-schema/issues/84\"\u003e#84\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/c52a27c653428149e4f9fb776d5e110d04639a9c\"\u003e\u003ccode\u003ec52a27c\u003c/code\u003e\u003c/a\u003e Get basic test to pass\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/b3f42b3331608fe83b6cc267c5fc513ec1b839ed\"\u003e\u003ccode\u003eb3f42b3\u003c/code\u003e\u003c/a\u003e Add security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/3b0cec3042a5aac5c967fd43475f5edc4c5b6eff\"\u003e\u003ccode\u003e3b0cec3\u003c/code\u003e\u003c/a\u003e Update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/c28470f2d64bace29c73d140f9c6876e3c3a9fef\"\u003e\u003ccode\u003ec28470f\u003c/code\u003e\u003c/a\u003e Update readme to acknowledge the state of the package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kriszyp/json-schema/commit/7dff9cd2c35c31ff3c43fa4e38737c94283dd3d3\"\u003e\u003ccode\u003e7dff9cd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://re...\n\n_Description has been truncated_","html_url":"https://github.com/luislobo/photon/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/luislobo%2Fphoton/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.15.0","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-04-02T23:11:41.000Z","version_change":"1.15.0 → 1.16.3","issue":{"uuid":"4197400780","node_id":"PR_kwDODn5Zn87PsIoJ","number":10,"state":"closed","title":"Bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-02T23:35:18.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-02T23:11:41.000Z","updated_at":"2026-04-02T23:35:20.000Z","time_to_close":1417,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.19.2","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.19.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.19.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/joshmu/grant-scraper-api/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/joshmu/grant-scraper-api/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/joshmu%2Fgrant-scraper-api/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"1.14.1","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-04-01T01:20:00.000Z","version_change":"1.14.1 → 1.16.3","issue":{"uuid":"4183359193","node_id":"PR_kwDOG1BSP87PHH9t","number":33,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-01T01:20:00.000Z","updated_at":"2026-04-01T14:33:44.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"@babel/traverse","old_version":"7.9.0","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"async","old_version":"2.6.3","new_version":"2.6.4","repository_url":"https://github.com/caolan/async"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"json5","old_version":"2.1.2","new_version":"2.2.3","repository_url":"https://github.com/json5/json5"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimist","old_version":"1.2.5","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"plist","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/TooTallNate/node-plist"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"simple-plist","old_version":"1.1.0","new_version":"1.3.1","repository_url":"https://github.com/wollardj/simple-plist"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.9.0` | `7.29.0` |\n| [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `2.1.2` | `2.2.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [plist](https://github.com/TooTallNate/node-plist) | `3.0.1` | `3.1.0` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.14.1` | `1.16.3` |\n| [simple-plist](https://github.com/wollardj/simple-plist) | `1.1.0` | `1.3.1` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 13 updates in the /example directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.2.3` | `7.29.0` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.0.0` | `4.1.1` |\n| [async](https://github.com/caolan/async) | `2.6.1` | `2.6.4` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` |\n| [json5](https://github.com/json5/json5) | `2.1.0` | `2.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.15` | `4.17.23` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.1` | `4.7.9` |\n| [semver](https://github.com/npm/node-semver) | `5.6.0` | `5.7.2` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n\n\nUpdates `@babel/traverse` from 7.9.0 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `async` from 2.6.3 to 2.6.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md\"\u003easync's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev2.6.4\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential prototype pollution exploit (\u003ca href=\"https://redirect.github.com/caolan/async/issues/1828\"\u003e#1828\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/c6bdaca4f9175c14fc655d3783c6af6a883e6514\"\u003e\u003ccode\u003ec6bdaca\u003c/code\u003e\u003c/a\u003e Version 2.6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/8870da9d5022bab310413041b4079e10db3980b7\"\u003e\u003ccode\u003e8870da9\u003c/code\u003e\u003c/a\u003e Update built files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/4df6754ef4e96a742956df8782fee27242a2ea12\"\u003e\u003ccode\u003e4df6754\u003c/code\u003e\u003c/a\u003e update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2\"\u003e\u003ccode\u003e8f7f903\u003c/code\u003e\u003c/a\u003e Fix prototype pollution vulnerability (\u003ca href=\"https://redirect.github.com/caolan/async/issues/1828\"\u003e#1828\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/caolan/async/compare/v2.6.3...v2.6.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~hargasinski\"\u003ehargasinski\u003c/a\u003e, a new releaser for async since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `decode-uri-component` from 0.2.0 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/releases\"\u003edecode-uri-component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent overwriting previously decoded tokens  980e0bf\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to GitHub workflows  76abc93\u003c/li\u003e\n\u003cli\u003eFix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e  746ca5d\u003c/li\u003e\n\u003cli\u003eUpdate license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)  486d7e2\u003c/li\u003e\n\u003cli\u003eTidelift tasks  a650457\u003c/li\u003e\n\u003cli\u003eMeta tweaks  66e1c28\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb\"\u003e\u003ccode\u003ea0eea46\u003c/code\u003e\u003c/a\u003e 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152\"\u003e\u003ccode\u003e980e0bf\u003c/code\u003e\u003c/a\u003e Prevent overwriting previously decoded tokens\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33\"\u003e\u003ccode\u003e3c8a373\u003c/code\u003e\u003c/a\u003e 0.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3\"\u003e\u003ccode\u003e76abc93\u003c/code\u003e\u003c/a\u003e Switch to GitHub workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9\"\u003e\u003ccode\u003e746ca5d\u003c/code\u003e\u003c/a\u003e Fix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30\"\u003e\u003ccode\u003e486d7e2\u003c/code\u003e\u003c/a\u003e Update license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134\"\u003e\u003ccode\u003ea650457\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02\"\u003e\u003ccode\u003e66e1c28\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.13.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/37caaad57dc37d350d9a4577a5da53f482bb2983\"\u003e\u003ccode\u003e37caaad\u003c/code\u003e\u003c/a\u003e 3.14.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/094c0f7a79e6ff9e2b4d50b22686d2586894b58f\"\u003e\u003ccode\u003e094c0f7\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9586ebe23298427d26b3479979bd6499bf3a14c2\"\u003e\u003ccode\u003e9586ebe\u003c/code\u003e\u003c/a\u003e Avoid calling hasOwnProperty of user-controlled objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/34e5072f43fd36b08aaaad433da73c10d47c41e5\"\u003e\u003ccode\u003e34e5072\u003c/code\u003e\u003c/a\u003e 3.14.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/7b25c83a6dc77097c2bf14bf714e168f60ee199b\"\u003e\u003ccode\u003e7b25c83\u003c/code\u003e\u003c/a\u003e Browser files rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/6f7347396867b8dcfc042722c2aae810dfe4caae\"\u003e\u003ccode\u003e6f73473\u003c/code\u003e\u003c/a\u003e Dev deps bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0c293491d903cddcd41b41c165bc45eeb9a8d720\"\u003e\u003ccode\u003e0c29349\u003c/code\u003e\u003c/a\u003e Travis-CI: drop old nodejs versions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.13.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `json5` from 2.1.2 to 2.2.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/json5/json5/releases\"\u003ejson5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Properties with the name \u003ccode\u003e__proto__\u003c/code\u003e are added to objects and arrays.\n(\u003ca href=\"https://redirect.github.com/json5/json5/issues/199\"\u003e#199\u003c/a\u003e) This also fixes a prototype pollution vulnerability reported by\nJonathan Gregson! (\u003ca href=\"https://redirect.github.com/json5/json5/issues/295\"\u003e#295\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Removed dependence on minimist to patch CVE-2021-44906. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Accurate and documented TypeScript declarations are now included. There is no need to install \u003ccode\u003e@types/json5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/236\"\u003e#236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.1.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: An out of memory bug when parsing numbers has been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/228\"\u003e#228\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/json5/json5/blob/main/CHANGELOG.md\"\u003ejson5's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003ev2.2.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.2...v2.2.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: json5@2.2.3 is now the 'latest' release according to npm instead of\nv1.0.2. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.2 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.2\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.1...v2.2.2\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Properties with the name \u003ccode\u003e__proto__\u003c/code\u003e are added to objects and arrays.\n(\u003ca href=\"https://redirect.github.com/json5/json5/issues/199\"\u003e#199\u003c/a\u003e) This also fixes a prototype pollution vulnerability reported by\nJonathan Gregson! (\u003ca href=\"https://redirect.github.com/json5/json5/issues/295\"\u003e#295\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.1 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.1\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.0...v2.2.1\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Removed dependence on minimist to patch CVE-2021-44906. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.0 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.0\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.3...v2.2.0\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Accurate and documented TypeScript declarations are now included. There\nis no need to install \u003ccode\u003e@types/json5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/236\"\u003e#236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.1.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: An out of memory bug when parsing numbers has been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/228\"\u003e#228\u003c/a\u003e,\n\u003ca href=\"https://redirect.github.com/json5/json5/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/c3a75242772a5026a49c4017a16d9b3543b62776\"\u003e\u003ccode\u003ec3a7524\u003c/code\u003e\u003c/a\u003e 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/94fd06d82eeed225fa172f6fb2ca27375cbd2e39\"\u003e\u003ccode\u003e94fd06d\u003c/code\u003e\u003c/a\u003e docs: update CHANGELOG for v2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/3b8cebf0c474a8b20c78bd75c89cca0c4dce84ce\"\u003e\u003ccode\u003e3b8cebf\u003c/code\u003e\u003c/a\u003e docs(security): use GitHub security advisories\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/f0fd9e194dde282caff114a110f4fac635f3a62c\"\u003e\u003ccode\u003ef0fd9e1\u003c/code\u003e\u003c/a\u003e docs: publish a security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/6a91a05fffeda16ff6b3b5008b6b340d42d31ec0\"\u003e\u003ccode\u003e6a91a05\u003c/code\u003e\u003c/a\u003e docs(template): bug -\u0026gt; bug report\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/14f8cb186e8abdfaccf6527171da7b1224374650\"\u003e\u003ccode\u003e14f8cb1\u003c/code\u003e\u003c/a\u003e 2.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/10cc7ca9169b59c5e0f5afc03dbd870cd06bcc46\"\u003e\u003ccode\u003e10cc7ca\u003c/code\u003e\u003c/a\u003e docs: update CHANGELOG for v2.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8\"\u003e\u003ccode\u003e7774c10\u003c/code\u003e\u003c/a\u003e fix: add \u003cstrong\u003eproto\u003c/strong\u003e to objects and arrays\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/edde30abd8b22facf2c06c72586b9f6edf12700d\"\u003e\u003ccode\u003eedde30a\u003c/code\u003e\u003c/a\u003e Readme: slight tweak to intro\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/97286f8bd542c89dcee096bc05dd28ed2dfc1e16\"\u003e\u003ccode\u003e97286f8\u003c/code\u003e\u003c/a\u003e Improve example in readme\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.0.4 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimist` from 1.2.5 to 1.2.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md\"\u003eminimist's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.7...v1.2.8\"\u003ev1.2.8\u003c/a\u003e - 2023-02-09\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/17\"\u003e\u003ccode\u003e[#17](https://github.com/minimistjs/minimist/issues/17)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/12\"\u003e\u003ccode\u003e[#12](https://github.com/minimistjs/minimist/issues/12)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/10\"\u003e\u003ccode\u003e[#10](https://github.com/minimistjs/minimist/issues/10)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/10\"\u003e#10\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix handling of short option with non-trivial equals \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/5\"\u003e\u003ccode\u003e[#5](https://github.com/minimistjs/minimist/issues/5)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tag 'v0.2.3' \u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/5368ca4147e974138a54cc0dc4cea8f756546b70\"\u003e\u003ccode\u003e5368ca4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/e5f5067259ceeaf0b098d14bec910f87e58708c7\"\u003e\u003ccode\u003ee5f5067\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/62fde7d935f83417fb046741531a9e2346a36976\"\u003e\u003ccode\u003e62fde7d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/36ac5d0d95e4947d074e5737d94814034ca335d1\"\u003e\u003ccode\u003e36ac5d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/73923d223553fca08b1ba77e3fbc2a492862ae4c\"\u003e\u003ccode\u003e73923d2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] add reusable workflows \u003ca href=\"https://github.com/minimistjs/minimist/commit/d80727df77bfa9e631044d7f16368d8f09242c91\"\u003e\u003ccode\u003ed80727d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] add eslint; rules to enable later are warnings \u003ca href=\"https://github.com/minimistjs/minimist/commit/48bc06a1b41f00e9cdf183db34f7a51ba70e98d4\"\u003e\u003ccode\u003e48bc06a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation \u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] rename and add badges \u003ca href=\"https://github.com/minimistjs/minimist/commit/5df0fe49211bd09a3636f8686a7cb3012c3e98f0\"\u003e\u003ccode\u003e5df0fe4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] switch from \u003ccode\u003ecovert\u003c/code\u003e to \u003ccode\u003enyc\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/a48b128fdb8d427dfb20a15273f83e38d97bef07\"\u003e\u003ccode\u003ea48b128\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ecovert\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e; remove unnecessary \u003ccode\u003etap\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/f0fb958e9a1fe980cdffc436a211b0bda58f621b\"\u003e\u003ccode\u003ef0fb958\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] create FUNDING.yml; add \u003ccode\u003efunding\u003c/code\u003e in package.json \u003ca href=\"https://github.com/minimistjs/minimist/commit/3639e0c819359a366387e425ab6eabf4c78d3caa\"\u003e\u003ccode\u003e3639e0c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] use \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file \u003ca href=\"https://github.com/minimistjs/minimist/commit/be2e038c342d8333b32f0fde67a0026b79c8150e\"\u003e\u003ccode\u003ebe2e038\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/minimistjs/minimist/commit/282b570e7489d01b03f2d6d3dabf79cd3e5f84cf\"\u003e\u003ccode\u003e282b570\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eisConstructorOrProto adapted from PR \u003ca href=\"https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11\"\u003e\u003ccode\u003eef9153f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/3124ed3e46306301ebb3c834874ce0241555c2c4\"\u003e\u003ccode\u003e3124ed3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/4b927de696d561c636b4f43bf49d4597cb36d6d6\"\u003e\u003ccode\u003e4b927de\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add \u003ccode\u003eaud\u003c/code\u003e in \u003ccode\u003eposttest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/b32d9bd0ab340f4e9f8c3a97ff2a4424f25fab8c\"\u003e\u003ccode\u003eb32d9bd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/minimistjs/minimist/commit/f9fdfc032c54884d9a9996a390c63cd0719bbe1a\"\u003e\u003ccode\u003ef9fdfc0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] Avoid 0.6 tests due to build failures \u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/950eaa74f112e04d23e9c606c67472c46739b473\"\u003e\u003ccode\u003e950eaa7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep \u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge tag 'v0.2.2' \u003ca href=\"https://github.com/minimistjs/minimist/commit/980d7ac61a0b4bd552711251ac107d506b23e41f\"\u003e\u003ccode\u003e980d7ac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.6...v1.2.7\"\u003ev1.2.7\u003c/a\u003e - 2022-10-10\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/6901ee286bc4c16da6830b48b46ce1574703cea1\"\u003e\u003ccode\u003e6901ee2\u003c/code\u003e\u003c/a\u003e v1.2.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e Merge tag 'v0.2.3'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/c0b26618322e94adea26c68e613ef0be482c6c63\"\u003e\u003ccode\u003ec0b2661\u003c/code\u003e\u003c/a\u003e v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/63b8fee87b8e7a003216d5d77ba5d6decf3cfb0d\"\u003e\u003ccode\u003e63b8fee\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/72239e6f0ea77d8be0ad4f682b7ae7d142144395\"\u003e\u003ccode\u003e72239e6\u003c/code\u003e\u003c/a\u003e [Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e [eslint] fix indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/9ec4d279ced72ea2f60237218e71cc03aa0dfdd6\"\u003e\u003ccode\u003e9ec4d27\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e [actions] Avoid 0.6 tests due to build failures\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.5...v1.2.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for minimist since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `plist` from 3.0.1 to 3.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/plist.js/blob/master/History.md\"\u003eplist's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.1.0 / 2023-07-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003ereplace inlined xmldom with \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.5 / 2022-03-23\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/plist.js/commit/96e2303d059e6be0c9e0c4773226d14b4758de52\"\u003e[\u003ccode\u003e96e2303d05\u003c/code\u003e]\u003c/a\u003e Prototype Pollution using .parse() \u003ca href=\"https://redirect.github.com/TooTallNate/node-plist/issues/114\"\u003e#114\u003c/a\u003e (mario-canva)\u003c/li\u003e\n\u003cli\u003eupdate browserify from 16 to 17\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.4 / 2021-08-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003einline xmldom@0.6.0 to eliminate security warning false positive (Mike Reinstein)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.3 / 2021-08-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eupdate xmldom to 0.6.0 to patch critical vulnerability (Mike Reinstein)\u003c/li\u003e\n\u003cli\u003eremove flaky saucelabs teseting badge (Mike Reinstein)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.2 / 2021-03-25\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eupdate xmldom to 0.5.0 to patch critical vulnerability (Mike Reinstein)\u003c/li\u003e\n\u003cli\u003eupdate saucelab credentials to point at mreinstein's saucelabs account (Mike Reinstein)\u003c/li\u003e\n\u003cli\u003eremove a bunch of test versions from the matrix because they weren't working in zuul + sauce (Mike Reinstein)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/node-plist/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.14.1 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.14.2 / 2021-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.17.2\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@1.8.1\u003c/li\u003e\n\u003cli\u003edeps: ms@2.1.3\u003c/li\u003e\n\u003cli\u003epref: ignore empty http tokens\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.1...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-plist` from 1.1.0 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/wollardj/simple-plist/releases\"\u003esimple-plist's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTypeScript\u003c/h2\u003e\n\u003cp\u003eThis release is a rewrite of the JavaScript code into TypeScript code to add strong typing for those who would choose to use it.\u003c/p\u003e\n\u003cp\u003eAs this is a minor release there should be minimal risk in upgrading from \u003ccode\u003ev1.1.1\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/1b1333c639e4628630b43814e096a1f17aececda\"\u003e\u003ccode\u003e1b1333c\u003c/code\u003e\u003c/a\u003e v1.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/7adf995baf55a2604c035bfcafe6968148a22def\"\u003e\u003ccode\u003e7adf995\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​types/jest\u003c/code\u003e to ^27.4.1 (and 4 others)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/c5b4db04ff2afa44b8197e061c1ab10278dadcdc\"\u003e\u003ccode\u003ec5b4db0\u003c/code\u003e\u003c/a\u003e test: CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/3ad9688092c1e2b327ea1b34fc2592db4e9ebb05\"\u003e\u003ccode\u003e3ad9688\u003c/code\u003e\u003c/a\u003e update bplist-parser to 0.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/26d93f4f6721d404af00e3152d77bf83e3b54043\"\u003e\u003ccode\u003e26d93f4\u003c/code\u003e\u003c/a\u003e update tests to use inline snapshots\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/670e22fd6e46549a1d32d1065981e0f58eab98d6\"\u003e\u003ccode\u003e670e22f\u003c/code\u003e\u003c/a\u003e fix: update plist to 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/bb4b04a39ffa66677ca47d63f3ac6927685901ee\"\u003e\u003ccode\u003ebb4b04a\u003c/code\u003e\u003c/a\u003e v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/eb2f4f15c27fa7bd930b95e7a033090d88f73f66\"\u003e\u003ccode\u003eeb2f4f1\u003c/code\u003e\u003c/a\u003e docs: update documentation to include typescript examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/f0e7fea80f2aca3904b4b0152071ee14da40536e\"\u003e\u003ccode\u003ef0e7fea\u003c/code\u003e\u003c/a\u003e update git repo url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wollardj/simple-plist/commit/c02c8056ebfe478de0565273f28ec6c858468a90\"\u003e\u003ccode\u003ec02c805\u003c/code\u003e\u003c/a\u003e yarn3 + typescript (\u003ca href=\"https://redirect.github.com/wollardj/simple-plist/issues/56\"\u003e#56\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/wollardj/simple-plist/compare/1.1.0...v1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `word-wrap` from 1.2.3 to 1.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jonschlinkert/word-wrap/releases\"\u003eword-wrap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanges\u003c/strong\u003e:\u003c/p\u003e\n\u003cp\u003eReverts default value for \u003ccode\u003eoptions.indent\u003c/code\u003e to two spaces \u003ccode\u003e'  '\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jonschlinkert/word-wrap/compare/1.2.4...1.2.5\"\u003ehttps://github.com/jonschlinkert/word-wrap/compare/1.2.4...1.2.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.2.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove default indent by \u003ca href=\"https://github.com/mohd-akram\"\u003e\u003ccode\u003e@​mohd-akram\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/24\"\u003ejonschlinkert/word-wrap#24\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🔒fix: CVE 2023 26115 (2) by \u003ca href=\"https://github.com/OlafConijn\"\u003e\u003ccode\u003e@​OlafConijn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/41\"\u003ejonschlinkert/word-wrap#41\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e:lock: fix: CVE-2023-26115 by \u003ca href=\"https://github.com/aashutoshrathi\"\u003e\u003ccode\u003e@​aashutoshrathi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/33\"\u003ejonschlinkert/word-wrap#33\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: publish workflow by \u003ca href=\"https://github.com/OlafConijn\"\u003e\u003ccode\u003e@​OlafConijn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/42\"\u003ejonschlinkert/word-wrap#42\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohd-akram\"\u003e\u003ccode\u003e@​mohd-akram\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/24\"\u003ejonschlinkert/word-wrap#24\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OlafConijn\"\u003e\u003ccode\u003e@​OlafConijn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/41\"\u003ejonschlinkert/word-wrap#41\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aashutoshrathi\"\u003e\u003ccode\u003e@​aashutoshrathi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/pull/33\"\u003ejonschlinkert/word-wrap#33\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4\"\u003ehttps://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/207044ebda1dd3809d15b6000a48409266536771\"\u003e\u003ccode\u003e207044e\u003c/code\u003e\u003c/a\u003e 1.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/98943154855b0dd79b707462b9202614990c7f61\"\u003e\u003ccode\u003e9894315\u003c/code\u003e\u003c/a\u003e revert default indent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/f64b188c7261d26b99e1e2075d6b12f21798e83a\"\u003e\u003ccode\u003ef64b188\u003c/code\u003e\u003c/a\u003e run verb to generate README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/03ea08256ba0c8e8b02b1b304f0f5bd2b1863207\"\u003e\u003ccode\u003e03ea082\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/issues/42\"\u003e#42\u003c/a\u003e from jonschlinkert/chore/publish-workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/420dce9a2412b21881202b73a3c34f0edc53cb2e\"\u003e\u003ccode\u003e420dce9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jonschlinkert/word-wrap/issues/41\"\u003e#41\u003c/a\u003e from jonschlinkert/fix/CVE-2023-26115-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/bfa694edf55bb84ff84512f13da6d68bf7593f06\"\u003e\u003ccode\u003ebfa694e\u003c/code\u003e\u003c/a\u003e Update .github/workflows/publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/ace0b3c78f81aaf43040bab3bc91d3c5546d3fd2\"\u003e\u003ccode\u003eace0b3c\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/6fd727594676f3e1b196b08a320908bec2f4ca02\"\u003e\u003ccode\u003e6fd7275\u003c/code\u003e\u003c/a\u003e chore: add publish workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/30d6daf60fce429f5f559252fa86ee78200652c4\"\u003e\u003ccode\u003e30d6daf\u003c/code\u003e\u003c/a\u003e chore: fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonschlinkert/word-wrap/commit/655929cabea6299dddf3b4a21fc3713fca701b48\"\u003e\u003ccode\u003e655929c\u003c/code\u003e\u003c/a\u003e chore: remove package-lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.2.3 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f545bdb80048f527889eddb9ac1a851c6f2a2241\"\u003e\u003ccode\u003ef545bdb\u003c/code\u003e\u003c/a\u003e 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c57d4c2fdbe0357a0f6dd42d1160defdc9fffdf5\"\u003e\u003ccode\u003ec57d4c2\u003c/code\u003e\u003c/a\u003e fix a few old XO issues for backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1\"\u003e\u003ccode\u003e419250f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/detail...\n\n_Description has been truncated_\n\n\u003c!-- CURSOR_SUMMARY --\u003e\n---\n\n\u003e [!NOTE]\n\u003e **Medium Risk**\n\u003e Primarily lockfile/dependency version bumps, but several transitive upgrades (including `react-native` ecosystem tooling) could affect build or runtime behavior across both the library and `example` app.\n\u003e \n\u003e **Overview**\n\u003e Updates npm/yarn dependencies across the repo and the `example` app, refreshing both direct and transitive packages (including security-related bumps like `minimist`, `js-yaml`, `json5`, and `async`).\n\u003e \n\u003e **Review checklist**: Linked issue(s): *none referenced*. Acceptance criteria: ✅ (*dependency versions updated*). Scope validation: ✅ (*dependency/lockfile-only change; no product code changes observed*). Test coverage: ⚠️ (*no new/updated tests; recommend running CI + `npm test` and a quick `example` build/run*). Blockers/concerns: ⚠️ (*watch for lockfile drift and any install-script additions in updated packages*).\n\u003e \n\u003e \u003csup\u003eWritten by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit db276c878074230eeee4e9e548665941e08b4475. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).\u003c/sup\u003e\n\u003c!-- /CURSOR_SUMMARY --\u003e","html_url":"https://github.com/millionscard/react-native-otp-input/pull/33","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/millionscard%2Freact-native-otp-input/issues/33","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/33/packages"}},{"old_version":"1.14.2","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-03-31T23:26:48.000Z","version_change":"1.14.2 → 1.16.3","issue":{"uuid":"4182981123","node_id":"PR_kwDODXTmnM7PF-qM","number":7,"state":"closed","title":"Bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-31T23:43:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T23:26:48.000Z","updated_at":"2026-03-31T23:43:47.000Z","time_to_close":1017,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.14.2","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.17.3","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.14.2 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.15.0 / 2022-03-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.18.0\n\u003cul\u003e\n\u003cli\u003eFix emitted 416 error missing headers property\u003c/li\u003e\n\u003cli\u003eLimit the headers removed for 304 response\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: destroy@1.2.0\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9b5a12a76f4d70530d2d2a8c7742e9158ed3c0a4\"\u003e\u003ccode\u003e9b5a12a\u003c/code\u003e\u003c/a\u003e 1.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/a39a0df51aa31f22b4947ade34fd90b14c7be1ea\"\u003e\u003ccode\u003ea39a0df\u003c/code\u003e\u003c/a\u003e docs: update CI link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.14.2...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.3 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.3...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awrennuit/jquery-serverside-calculator/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/awrennuit/jquery-serverside-calculator/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/awrennuit%2Fjquery-serverside-calculator/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"1.15.0","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-03-31T23:10:09.000Z","version_change":"1.15.0 → 1.16.3","issue":{"uuid":"4182912203","node_id":"PR_kwDODW0sos7PFzWa","number":6,"state":"closed","title":"Bump serve-static and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-31T23:16:16.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T23:10:09.000Z","updated_at":"2026-03-31T23:16:18.000Z","time_to_close":367,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"serve-static","repository_url":"https://github.com/expressjs/serve-static","old_version":"1.15.0","new_version":"1.16.3"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.18.2","new_version":"4.22.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps [serve-static](https://github.com/expressjs/serve-static) to 1.16.3 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awrennuit/produce-herb-store/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/awrennuit/produce-herb-store/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/awrennuit%2Fproduce-herb-store/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"1.14.1","new_version":"1.16.3","update_type":"minor","path":null,"pr_created_at":"2026-03-30T15:19:05.000Z","version_change":"1.14.1 → 1.16.3","issue":{"uuid":"4171646207","node_id":"PR_kwDOPpNwGc7OqFY0","number":1,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-09T23:33:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-30T15:19:05.000Z","updated_at":"2026-04-09T23:33:07.000Z","time_to_close":893640,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"file-type","old_version":"14.1.4","new_version":"21.3.2","repository_url":"https://github.com/sindresorhus/file-type"},{"name":"qs","old_version":"6.9.1","new_version":"6.14.2","repository_url":"https://github.com/ljharb/qs"},{"name":"ajv","old_version":"6.10.2","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"axios","old_version":"0.19.0","new_version":"0.30.3","repository_url":"https://github.com/axios/axios"},{"name":"handlebars","old_version":"4.5.3","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"koa","old_version":"2.11.0","new_version":"3.1.2","repository_url":"https://github.com/koajs/koa"},{"name":"path-to-regexp","old_version":"6.1.0","new_version":"6.3.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"@babel/helpers","old_version":"7.7.4","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"bn.js","old_version":"4.11.8","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.17.1","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"lodash","old_version":"4.17.15","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"pbkdf2","old_version":"3.0.17","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.2.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"serve-static","old_version":"1.14.1","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"2.0.0","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"yaml","old_version":"1.7.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [file-type](https://github.com/sindresorhus/file-type) | `14.1.4` | `21.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.9.1` | `6.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.10.2` | `6.14.0` |\n| [axios](https://github.com/axios/axios) | `0.19.0` | `0.30.3` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.3` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [koa](https://github.com/koajs/koa) | `2.11.0` | `3.1.2` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.1.0` | `6.3.0` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.7.4` | `7.29.2` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.8` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.15` | `4.17.23` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.0.17` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.1` | `2.3.2` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.14.1` | `1.16.3` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.0.0` | `2.1.4` |\n| [yaml](https://github.com/eemeli/yaml) | `1.7.2` | `1.10.3` |\n\n\nUpdates `file-type` from 14.1.4 to 21.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sindresorhus/file-type/releases\"\u003efile-type's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev21.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v)  a155cd7\u003c/li\u003e\n\u003cli\u003eFix bound recursive BOM and ID3 detection  370ed91\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix infinite loop in ASF parser on malformed input (\u003ca href=\"https://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\"\u003ehttps://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\u003c/a\u003e)  319abf8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Mach-O Universal (aka \u0026quot;Fat\u0026quot;) binaries and additional architectures (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/779\"\u003e#779\u003c/a\u003e)  d223491\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SPSS data files (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/787\"\u003e#787\u003c/a\u003e)  889f638\u003c/li\u003e\n\u003cli\u003eAdd support for JMP (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/784\"\u003e#784\u003c/a\u003e)  093dba0\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of partial Gunzip file (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/783\"\u003e#783\u003c/a\u003e)  710e053\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003e.tar.gz\u003c/code\u003e (gunzipped tarball file) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/763\"\u003e#763\u003c/a\u003e)  eda03a7\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry (.reg) files   0db61ec 7d2ddcf\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry hive file (\u003ccode\u003e.dat\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/767\"\u003e#767\u003c/a\u003e)  f8d62be\u003c/li\u003e\n\u003cli\u003eFix: Handle partial unzip (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/773\"\u003e#773\u003c/a\u003e)  7ad3a90\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.0.0\u003c/h2\u003e\n\u003ch3\u003eBreaking\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/e18028c3cc19441477c3459991fee9770d88c218\"\u003e\u003ccode\u003ee18028c\u003c/code\u003e\u003c/a\u003e 21.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a155cd71323279de173c54e8c530d300d3854fdd\"\u003e\u003ccode\u003ea155cd7\u003c/code\u003e\u003c/a\u003e Fix ZIP bomb in known-size ZIP probing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/69548179cca2c0ab6a0cc93af59392f8c351cab1\"\u003e\u003ccode\u003e6954817\u003c/code\u003e\u003c/a\u003e Harden parser more\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/370ed9185d112eea4d989fecb843597b1d94cf09\"\u003e\u003ccode\u003e370ed91\u003c/code\u003e\u003c/a\u003e Fix bound recursive BOM and ID3 detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/d2ecea187c47b944a9c001ae7637f02baed0825a\"\u003e\u003ccode\u003ed2ecea1\u003c/code\u003e\u003c/a\u003e Add a few more safeguards\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/41fcff5de64cfb53da6b2b9c048ebea8213f32c2\"\u003e\u003ccode\u003e41fcff5\u003c/code\u003e\u003c/a\u003e Update readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a8f6934ddd93c3e12cc4ecb0cfc3e8d816d4b9fd\"\u003e\u003ccode\u003ea8f6934\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/ad5857e5384874e853cc9c4c29b867f1135a7c30\"\u003e\u003ccode\u003ead5857e\u003c/code\u003e\u003c/a\u003e 21.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/5d2fedf104dc5067b51a1f31410aa60052c74f64\"\u003e\u003ccode\u003e5d2fedf\u003c/code\u003e\u003c/a\u003e Harden parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/319abf871b50ba2fa221b4a7050059f1ae096f4f\"\u003e\u003ccode\u003e319abf8\u003c/code\u003e\u003c/a\u003e Fix infinite loop in ASF parser on malformed input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sindresorhus/file-type/compare/v14.1.4...v21.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.9.1 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.9.1...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.10.2 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.12.6\u003c/h2\u003e\n\u003cp\u003eFix performance issue of \u0026quot;url\u0026quot; format.\u003c/p\u003e\n\u003ch2\u003ev6.12.5\u003c/h2\u003e\n\u003cp\u003eFix uri scheme validation (\u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e).\nFix boolean schemas with strictKeywords option (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1270\"\u003e#1270\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.4\u003c/h2\u003e\n\u003cp\u003eFix: coercion of one-item arrays to scalar that should fail validation (\u003ca href=\"https://runkit.com/esp/5f3672ba2f6642001ae27411\"\u003efailing example\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003ev6.12.3\u003c/h2\u003e\n\u003cp\u003ePass schema object to processCode function\nOption for strictNumbers (\u003ca href=\"https://github.com/issacgerges\"\u003e\u003ccode\u003e@​issacgerges\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1128\"\u003e#1128\u003c/a\u003e)\nFixed vulnerability related to untrusted schemas (\u003ca href=\"https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-15366\"\u003eCVE-2020-15366\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.2\u003c/h2\u003e\n\u003cp\u003eRemoved post-install script\u003c/p\u003e\n\u003ch2\u003ev6.12.1\u003c/h2\u003e\n\u003cp\u003eDocs and dependency updates\u003c/p\u003e\n\u003ch2\u003ev6.12.0\u003c/h2\u003e\n\u003cp\u003eImproved hostname validation (\u003ca href=\"https://github.com/sambauers\"\u003e\u003ccode\u003e@​sambauers\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1143\"\u003e#1143\u003c/a\u003e)\nOption \u003ccode\u003ekeywords\u003c/code\u003e to add custom keywords (\u003ca href=\"https://github.com/franciscomorais\"\u003e\u003ccode\u003e@​franciscomorais\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1137\"\u003e#1137\u003c/a\u003e)\nTypes fixes (\u003ca href=\"https://github.com/boenrobot\"\u003e\u003ccode\u003e@​boenrobot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/MattiAstedrone\"\u003e\u003ccode\u003e@​MattiAstedrone\u003c/code\u003e\u003c/a\u003e)\nDocs:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/epoberezkin/ajv#error-logging\"\u003eerror logging\u003c/a\u003e example (\u003ca href=\"https://github.com/RadiationSickness\"\u003e\u003ccode\u003e@​RadiationSickness\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTypeScript usage notes (\u003ca href=\"https://github.com/thetric\"\u003e\u003ccode\u003e@​thetric\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.11.0\u003c/h2\u003e\n\u003cp\u003eTime formats support two digit and colon-less variants of timezone offset (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1061\"\u003e#1061\u003c/a\u003e , \u003ca href=\"https://github.com/cjpillsbury\"\u003e\u003ccode\u003e@​cjpillsbury\u003c/code\u003e\u003c/a\u003e)\nDocs: RegExp related security considerations\nTests: Disabled failing typescript test\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fe591439f34e24030f69df9eb8d91e6d037a3af7\"\u003e\u003ccode\u003efe59143\u003c/code\u003e\u003c/a\u003e 6.12.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d580d3e8ac6a467670d68d86e3a39fd661ac8c23\"\u003e\u003ccode\u003ed580d3e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1298\"\u003e#1298\u003c/a\u003e from ajv-validator/fix-url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fd363896a8d6c5697b5da41f4d9a400a84efaf8e\"\u003e\u003ccode\u003efd36389\u003c/code\u003e\u003c/a\u003e fix: regular expression for \u0026quot;url\u0026quot; format\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.10.2...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.19.0 to 0.30.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease notes - v0.30.3\u003c/h2\u003e\n\u003cp\u003eThis is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).\u003c/p\u003e\n\u003cp\u003eRecommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.\u003c/p\u003e\n\u003ch2\u003e🛡️ Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport: Fix DoS via \u003cstrong\u003eproto\u003c/strong\u003e key in merge config\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003ePatched a vulnerability where specifically crafted configuration objects using the \u003cstrong\u003eproto\u003c/strong\u003e key could cause a Denial of Service during the merge process. - \u003cem\u003eby \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7388\"\u003e#7388\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7388\"\u003eaxios/axios#7388\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚙️ Maintenance \u0026amp; CI\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Infrastructure Update\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - \u003cem\u003eby \u003ca href=\"https://github.com/jasonsaayman\"\u003e\u003ccode\u003e@​jasonsaayman\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7407\"\u003e#7407\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7407\"\u003eaxios/axios#7407\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Breaking Changes\u003c/h2\u003e\n\u003cp\u003eConfiguration Merging Behavior:\u003c/p\u003e\n\u003cp\u003eAs part of the security fix, Axios now restricts the merging of the \u003cstrong\u003eproto\u003c/strong\u003e key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.\u003c/p\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.2...v0.30.3\"\u003ev0.30.2...v0.30.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.30.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003emaxContentLength\u003c/code\u003e vulnerability fix to v0.x by \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.1...v0.30.2\"\u003ehttps://github.com/axios/axios/compare/v0.30.1...v0.30.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.1\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump form-data from 4.0.0 to 4.0.4 for v0.x by \u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.0...v0.30.1\"\u003ehttps://github.com/axios/axios/compare/v0.30.0...v0.30.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: modify log while request is aborted by \u003ca href=\"https://github.com/mori5321\"\u003e\u003ccode\u003e@​mori5321\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/4917\"\u003eaxios/axios#4917\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update CHANGELOG.md for v0.x by \u003ca href=\"https://github.com/TehZarathustra\"\u003e\u003ccode\u003e@​TehZarathustra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6271\"\u003eaxios/axios#6271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: modify upgrade guide for 0.28.1's breaking change by \u003ca href=\"https://github.com/nafeger\"\u003e\u003ccode\u003e@​nafeger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6787\"\u003eaxios/axios#6787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f53bcf6c3747652c9d3811dc0bbcd3674e21567a\"\u003e\u003ccode\u003ef53bcf6\u003c/code\u003e\u003c/a\u003e chore: release 0.30.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3ddccd3bf478c8aab863f2fdd4a52461849eab45\"\u003e\u003ccode\u003e3ddccd3\u003c/code\u003e\u003c/a\u003e chore: remove publish as this wont work\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9ef39d07245286df678c1a16e7b5769610ba8326\"\u003e\u003ccode\u003e9ef39d0\u003c/code\u003e\u003c/a\u003e chore: try with npm token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4775de601df704d8d4e7336a57b08a2e21de8ff4\"\u003e\u003ccode\u003e4775de6\u003c/code\u003e\u003c/a\u003e chore: fix version scheme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f96f26b2014404534424e765b83a1dbbd8cb091f\"\u003e\u003ccode\u003ef96f26b\u003c/code\u003e\u003c/a\u003e chore: fix issues with using replace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ead45c20b05ab32c26cb63d0f7a20e8b123d9f68\"\u003e\u003ccode\u003eead45c2\u003c/code\u003e\u003c/a\u003e chore: update the publish workflow to run on tag\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8119265e6ce71898d19448d30356789cccc2de56\"\u003e\u003ccode\u003e8119265\u003c/code\u003e\u003c/a\u003e chore: tag version as legacy on v0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/995498519881c23ba97b42dda16bcadc0e4791a7\"\u003e\u003ccode\u003e9954985\u003c/code\u003e\u003c/a\u003e chore: dispatch for first time\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3f8b70fdfc7903aa137ea4f6539cd00f5df97afb\"\u003e\u003ccode\u003e3f8b70f\u003c/code\u003e\u003c/a\u003e chore: final rename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c66558430e71cf0c113a2969355cde25cb159fff\"\u003e\u003ccode\u003ec665584\u003c/code\u003e\u003c/a\u003e chore: revert naming\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.19.0...v0.30.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jasonsaayman\"\u003ejasonsaayman\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.5.3 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.7 - February 15th, 2021\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix weird error in integration tests - eb860c0\u003c/li\u003e\n\u003cli\u003efix: check prototype property access in strict-mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - b6d3de7\u003c/li\u003e\n\u003cli\u003efix: escape property names in compat mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - f058970\u003c/li\u003e\n\u003cli\u003erefactor: In spec tests, use expectTemplate over equals and shouldThrow (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1683\"\u003e#1683\u003c/a\u003e) - 77825f8\u003c/li\u003e\n\u003cli\u003echore: start testing on Node.js 12 and 13 - 3789a30\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e(POSSIBLY) BREAKING CHANGES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ethe changes from version \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v460---january-8th-2020\"\u003e4.6.0\u003c/a\u003e now also apply\nin when using the compile-option \u0026quot;strict: true\u0026quot;. Access to prototype properties is forbidden completely by default, specific properties or methods\ncan be allowed via runtime-options. See \u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1633\"\u003e#1633\u003c/a\u003e for details. If you are using Handlebars as documented, you should not be accessing prototype properties\nfrom your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThat is why we only bump the patch version despite mentioning breaking changes.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.6 - April 3rd, 2020\u003c/h2\u003e\n\u003cp\u003eChore/Housekeeping:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/wycats/handlebars.js/issues/1672\"\u003e#1672\u003c/a\u003e - Switch cmd parser to latest minimist (\u003ca href=\"https://api.github.com/users/dougwilson\"\u003e\u003ccode\u003e@​dougwilson\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCompatibility notes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestored Node.js compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.5.3...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jaylinski\"\u003ejaylinski\u003c/a\u003e, a new releaser for handlebars since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.13.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/37caaad57dc37d350d9a4577a5da53f482bb2983\"\u003e\u003ccode\u003e37caaad\u003c/code\u003e\u003c/a\u003e 3.14.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/094c0f7a79e6ff9e2b4d50b22686d2586894b58f\"\u003e\u003ccode\u003e094c0f7\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9586ebe23298427d26b3479979bd6499bf3a14c2\"\u003e\u003ccode\u003e9586ebe\u003c/code\u003e\u003c/a\u003e Avoid calling hasOwnProperty of user-controlled objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/34e5072f43fd36b08aaaad433da73c10d47c41e5\"\u003e\u003ccode\u003e34e5072\u003c/code\u003e\u003c/a\u003e 3.14.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/7b25c83a6dc77097c2bf14bf714e168f60ee199b\"\u003e\u003ccode\u003e7b25c83\u003c/code\u003e\u003c/a\u003e Browser files rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/6f7347396867b8dcfc042722c2aae810dfe4caae\"\u003e\u003ccode\u003e6f73473\u003c/code\u003e\u003c/a\u003e Dev deps bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0c293491d903cddcd41b41c165bc45eeb9a8d720\"\u003e\u003ccode\u003e0c29349\u003c/code\u003e\u003c/a\u003e Travis-CI: drop old nodejs versions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.13.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `koa` from 2.11.0 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/koa/releases\"\u003ekoa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: typo in troubleshooting.md by \u003ca href=\"https://github.com/WuMingDao\"\u003e\u003ccode\u003e@​WuMingDao\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1916\"\u003ekoajs/koa#1916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1921\"\u003ekoajs/koa#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump http-errors from 2.0.0 to 2.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1919\"\u003ekoajs/koa#1919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump mime-types from 3.0.1 to 3.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1918\"\u003ekoajs/koa#1918\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use correct term \u0026quot;Server-Sent Events\u0026quot; in guide by \u003ca href=\"https://github.com/jtr860830\"\u003e\u003ccode\u003e@​jtr860830\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1920\"\u003ekoajs/koa#1920\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1917\"\u003ekoajs/koa#1917\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1922\"\u003ekoajs/koa#1922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(security): Host Header Injection via \u003ccode\u003ectx.hostname\u003c/code\u003e by \u003ca href=\"https://github.com/killagu\"\u003e\u003ccode\u003e@​killagu\u003c/code\u003e\u003c/a\u003e  \u003ca href=\"https://github.com/koajs/koa/security/advisories/GHSA-7gcc-r8m5-44qm\"\u003ehttps://github.com/koajs/koa/security/advisories/GHSA-7gcc-r8m5-44qm\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WuMingDao\"\u003e\u003ccode\u003e@​WuMingDao\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1916\"\u003ekoajs/koa#1916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jtr860830\"\u003e\u003ccode\u003e@​jtr860830\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1920\"\u003ekoajs/koa#1920\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/koajs/koa/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: only original value destroy if the new value is not a stream by \u003ca href=\"https://github.com/yowainwright\"\u003e\u003ccode\u003e@​yowainwright\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1914\"\u003ekoajs/koa#1914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/koajs/koa/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: fixes mem leak relating to issue-1834 by \u003ca href=\"https://github.com/yowainwright\"\u003e\u003ccode\u003e@​yowainwright\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1893\"\u003ekoajs/koa#1893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: adds steam clean up by \u003ca href=\"https://github.com/yowainwright\"\u003e\u003ccode\u003e@​yowainwright\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1910\"\u003ekoajs/koa#1910\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.0.3...v3.1.0\"\u003ehttps://github.com/koajs/koa/compare/v3.0.3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: normalize referer before redirect by \u003ca href=\"https://github.com/fengmk2\"\u003e\u003ccode\u003e@​fengmk2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1908\"\u003ekoajs/koa#1908\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.0.2...v3.0.3\"\u003ehttps://github.com/koajs/koa/compare/v3.0.2...v3.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: fixes response.attachment behaviour leads to Content-Type Sniffing by \u003ca href=\"https://github.com/yowainwright\"\u003e\u003ccode\u003e@​yowainwright\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1904\"\u003ekoajs/koa#1904\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: use NPM trusted publishing with semver tag triggers by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1907\"\u003ekoajs/koa#1907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1907\"\u003ekoajs/koa#1907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.0.1...v3.0.2\"\u003ehttps://github.com/koajs/koa/compare/v3.0.1...v3.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/koa/blob/master/History.md\"\u003ekoa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nMoving forwards we are using the GitHub releases page at \u003ca href=\"https://github.com/koajs/koa/releases\"\u003ehttps://github.com/koajs/koa/releases\u003c/a\u003e in combination with \u003ca href=\"https://www.npmjs.com/package/np\"\u003enp\u003c/a\u003e for publishing releases and their changelogs.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch1\u003e3.0.0-alpha.3 / 2025-02-11\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003efixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid redos on host and protocol getter\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.0-alpha.2 / 2024-11-04\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003ebreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003ehttp-errors\u003c/code\u003e to \u003ccode\u003ev2.0.0\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1486\"\u003e#1486\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ectx.throw\u003c/code\u003e now requires a format of \u003ccode\u003ectx.throw(status, error, properties)\u003c/code\u003e. See: \u003ca href=\"https://www.npmjs.com/package/http-errors\"\u003ehttps://www.npmjs.com/package/http-errors\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eres.redirect('back')\u003c/code\u003e, add \u003ccode\u003eback()\u003c/code\u003e method to \u003ccode\u003ectx\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1115\"\u003e#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace node querystring with \u003ccode\u003eURLSearchParams\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1828\"\u003e#1828\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove obsolete \u003ccode\u003ecreateAsyncCtxStorageMiddleware\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1817\"\u003e#1817\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003efeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for web WHATWG \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1830\"\u003e#1830\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eupdates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003ecookies\u003c/code\u003e to \u003ccode\u003e~0.9.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1846\"\u003e#1846\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate \u003ccode\u003estatuses\u003c/code\u003e to \u003ccode\u003e^2.0.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate \u003ccode\u003esupertest\u003c/code\u003e to \u003ccode\u003e^7.0.0\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1841\"\u003e#1841\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003efixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eexports.defaults\u003c/code\u003e in \u003ccode\u003epackage.json\u003c/code\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1630\"\u003e#1630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix leaky handles in tests \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1838\"\u003e#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix body null checks \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1814\"\u003e#1814\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix reformatting redirect URLs \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1805\"\u003e#1805\u003c/a\u003e \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1804\"\u003e#1804\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix passing \u003ccode\u003ectx\u003c/code\u003e in error handler \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1758\"\u003e#1758\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003emigrations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate from \u003ccode\u003ejest\u003c/code\u003e to the native node test runner \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1845\"\u003e#1845\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.0-alpha.1 / 2023-04-12\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003efixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[\u003ca href=\"http://github.com/koajs/koa/commit/e98b8d1918376dc2957aa62906bf5893bef66c4c\"\u003e\u003ccode\u003ee98b8d1\u003c/code\u003e\u003c/a\u003e] - fix: can not get currentContext in error handler (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1758\"\u003e#1758\u003c/a\u003e) (Gxkl \u0026lt;\u003ca href=\"mailto:gxkl203@gmail.com\"\u003egxkl203@gmail.com\u003c/a\u003e\u0026gt;)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.0.0-alpha.0 / 2023-01-02\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/c5a52e056d61afa012a08d3aa89a59bce5ccbf1b\"\u003e\u003ccode\u003ec5a52e0\u003c/code\u003e\u003c/a\u003e 3.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/55ab9bab044ead4e82c70a30a4f9dc0fc9c1b6df\"\u003e\u003ccode\u003e55ab9ba\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/fecd464ae7be82bd71b275c1faa746dd1c45ef5b\"\u003e\u003ccode\u003efecd464\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1922\"\u003e#1922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/d2066cf2a52fe3aeeb5778c8cce204a73ea6fb87\"\u003e\u003ccode\u003ed2066cf\u003c/code\u003e\u003c/a\u003e build(deps): bump content-disposition from 0.5.4 to 1.0.1 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1917\"\u003e#1917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/8694a06eb67aeec90f06f17b2a716bccfbad11e5\"\u003e\u003ccode\u003e8694a06\u003c/code\u003e\u003c/a\u003e docs: use correct term \u0026quot;Server-Sent Events\u0026quot; in guide (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1920\"\u003e#1920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/096682b31592b20319549f57517abf3fc90649a1\"\u003e\u003ccode\u003e096682b\u003c/code\u003e\u003c/a\u003e build(deps): bump mime-types from 3.0.1 to 3.0.2 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1918\"\u003e#1918\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/8215c2e3896932d966951042f9a0d8aa743e40fe\"\u003e\u003ccode\u003e8215c2e\u003c/code\u003e\u003c/a\u003e build(deps): bump http-errors from 2.0.0 to 2.0.1 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1919\"\u003e#1919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/cfe5ec6aea6acf2ebf2868687692dae7fac726fe\"\u003e\u003ccode\u003ecfe5ec6\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump qs from 6.14.0 to 6.14.1 (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1921\"\u003e#1921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/0a6afa5a6107c0c8baf4722e29de7566f33d1651\"\u003e\u003ccode\u003e0a6afa5\u003c/code\u003e\u003c/a\u003e fix: typo in troubleshooting.md (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1916\"\u003e#1916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/2e52fb589c29c9aa6f0915515263372c3a2ce4bf\"\u003e\u003ccode\u003e2e52fb5\u003c/code\u003e\u003c/a\u003e 3.1.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/koajs/koa/compare/2.11.0...v3.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for koa since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 6.1.0 to 6.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix matching \u003ccode\u003e:name*\u003c/code\u003e parameter\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix invalid matching of \u003ccode\u003e:name*\u003c/code\u003e parameter (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/261\"\u003e#261\u003c/a\u003e)  762bc6b\u003c/li\u003e\n\u003cli\u003eCompare delimiter string over regexp  86baef8\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNew example in documentation (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/256\"\u003e#256\u003c/a\u003e)  ae9e576\u003c/li\u003e\n\u003cli\u003eUpdate demo link (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/250\"\u003e#250\u003c/a\u003e)  77df638\u003c/li\u003e\n\u003cli\u003eUpdate README encode example  b39edd4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.0...v6.2.1\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.0...v6.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNamed Capturing Groups\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport named capturing groups for RegExps (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003estrict\u003c/code\u003e flag documentation (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore test files when bundling (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/220\"\u003e#220\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.1.0...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.7.4 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/helpers\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.11.8 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.8...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~fanatid\"\u003efanatid\u003c/a\u003e, a new releaser for bn.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/saasify/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fsaasify/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}}]}